Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat jboss enterprise data services platform vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-3431
The Teiid Java Database Connectivity (JDBC) socket, as used in JBoss Enterprise Data Services Platform prior to 5.3.0, does not encrypt login messages by default contrary to documentation and specification, which allows remote malicious users to obtain login credentials via a man...
Redhat Jboss Enterprise Data Services Platform 5.1.0
Redhat Jboss Enterprise Data Services Platform
5
CVSSv2
CVE-2011-1096
The W3C XML Encryption Standard, as used in the JBoss Web Services (JBossWS) component in JBoss Enterprise Portal Platform prior to 5.2.2 and other products, when using block ciphers in cipher-block chaining (CBC) mode, allows remote malicious users to obtain plaintext data via a...
Redhat Jboss Enterprise Portal Platform 5.0.0
Redhat Jboss Enterprise Portal Platform 5.1.1
Redhat Jboss Enterprise Portal Platform 5.1.0
Redhat Jboss Enterprise Portal Platform
Redhat Jboss Enterprise Portal Platform 5.2.0
Redhat Jboss Enterprise Portal Platform 5.0.1
5
CVSSv2
CVE-2020-25710
A flaw was found in OpenLDAP in versions prior to 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
Openldap Openldap
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Web Server 2.0.0
Redhat Enterprise Linux 5.0
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Core Services -
Debian Debian Linux 9.0
Fedoraproject Fedora 33
6.4
CVSSv2
CVE-2019-14887
A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potent...
Redhat Jboss Data Grid 7.0.0
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Jboss Fuse 7.0.0
Redhat Openshift Application Runtimes -
Redhat Single Sign-on 7.0
Redhat Wildfly 7.2.0
Redhat Wildfly 7.2.3
Redhat Wildfly 7.2.5
6.8
CVSSv2
CVE-2020-25689
A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller. This flaw allows an malicious user to cause an ...
Redhat Wildfly
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Single Sign-on 7.0
Redhat Jboss Fuse 7.0.0
Redhat Jboss Data Grid 7.0.0
Redhat Openshift Application Runtimes -
Redhat Fuse 6.0.0
Netapp Oncommand Insight -
Netapp Service Level Manager -
Netapp Active Iq Unified Manager -
6.5
CVSSv2
CVE-2021-32027
A flaw was found in postgresql in versions prior to 13.3, prior to 12.7, prior to 11.12, prior to 10.17 and prior to 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The...
Postgresql Postgresql
Redhat Enterprise Linux 7.0
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Enterprise Linux 8.0
Redhat Software Collections -
NA
CVE-2022-1278
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
Redhat Wildfly
Redhat Single Sign-on 7.0
Redhat Amq 2.0
Redhat Integration Service Registry -
Redhat Integration Camel K -
Redhat Jboss A-mq 7
Redhat Jboss Enterprise Application Platform Expansion Pack -
Redhat Amq Online -
6
CVSSv2
CVE-2021-4104
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests t...
Apache Log4j 1.2
Fedoraproject Fedora 35
Redhat Jboss Operations Network 3.0
Redhat Jboss A-mq 6.0.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 7.0
Redhat Jboss Fuse 6.0.0
Redhat Jboss Fuse Service Works 6.0
Redhat Jboss Web Server 3.0
Redhat Jboss Data Virtualization 6.0.0
Redhat Enterprise Linux 8.0
Redhat Single Sign-on 7.0
Redhat Software Collections -
Redhat Jboss Fuse 7.0.0
Redhat Process Automation 7.0
Redhat Jboss Data Grid 7.0.0
Redhat Openshift Application Runtimes -
Redhat Codeready Studio 12.0
Redhat Integration Camel K -
Redhat Openshift Container Platform 4.6
20 Github repositories
6.8
CVSSv2
CVE-2021-3516
There's a flaw in libxml2's xmllint in versions prior to 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.
Xmlsoft Xmllint
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Oracle Zfs Storage Appliance Kit 8.8
7.8
CVSSv2
CVE-2019-9514
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer...
Apple Swiftnio
Apache Traffic Server
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Software Collections 1.0
Redhat Openshift Container Platform 3.9
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 3.10
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »