Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

redhat jboss a-mq 6.0.0 vulnerabilities and exploits

(subscribe to this query)
6
CVSSv2
CVE-2021-4104
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests t...
Apache Log4j 1.2Fedoraproject Fedora 35Redhat Jboss Operations Network 3.0Redhat Jboss A-mq 6.0.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux 6.0Redhat Jboss Enterprise Application Platform 6.0.0Redhat Jboss Enterprise Application Platform 7.0Redhat Jboss Fuse 6.0.0Redhat Jboss Fuse Service Works 6.0Redhat Jboss Web Server 3.0Redhat Jboss Data Virtualization 6.0.0Redhat Enterprise Linux 8.0Redhat Single Sign-on 7.0Redhat Software Collections -Redhat Jboss Fuse 7.0.0Redhat Process Automation 7.0Redhat Jboss Data Grid 7.0.0Redhat Openshift Application Runtimes -Redhat Codeready Studio 12.0Redhat Integration Camel K -Redhat Openshift Container Platform 4.6
4.4
CVSSv2
CVE-2017-7536
In Hibernate Validator 5.2.x prior to 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occ...
Redhat Hibernate ValidatorRedhat Satellite 6.4Redhat Satellite Capsule 6.4Redhat Jboss Enterprise Application Platform 6.0.0Redhat Jboss Enterprise Application Platform 6.4.0Redhat Jboss Enterprise Application Platform 7.0Redhat Jboss Enterprise Application Platform 7.1Redhat Virtualization 4.0Redhat Virtualization Host 4.0
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0Nghttp2 Nghttp2Netty NettyEnvoyproxy Envoy 1.27.0Envoyproxy Envoy 1.26.4Envoyproxy Envoy 1.25.9Envoyproxy Envoy 1.24.10Eclipse JettyCaddyserver CaddyGolang Http2Golang GoGolang NetworkingF5 Big-ip AnalyticsF5 Big-ip Policy Enforcement ManagerF5 Big-ip Local Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Global Traffic ManagerF5 Big-ip Fraud Protection ServiceF5 Big-ip Domain Name SystemF5 Big-ip Application Security ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook