Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat richfaces vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2018-12532
JBoss RichFaces 4.5.3 up to and including 4.5.17 allows unauthenticated remote malicious users to inject an arbitrary expression language (EL) variable mapper and execute arbitrary Java code via a MediaOutputResource's resource request, aka RF-14309.
Redhat Richfaces
1 Github repository
605
VMScore
CVE-2015-0279
JBoss RichFaces prior to 4.5.4 allows remote malicious users to inject expression language (EL) expressions and execute arbitrary Java code via the do parameter.
Redhat Richfaces
1 Github repository
383
VMScore
CVE-2014-7852
Cross-site scripting (XSS) vulnerability in JBoss RichFaces, as used in JBoss Portal 6.1.1, allows remote malicious users to inject arbitrary web script or HTML via crafted URL, which is not properly handled in a CSS file.
Redhat Jboss Enterprise Portal Platform 6.1.1
383
VMScore
CVE-2014-0086
The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote malicious users to cause a denial of service (memory consumption and out-of-memory error) via a large number of malformed atmosphere push requests.
Redhat Richfaces 5.0.0
Redhat Jboss Web Framework Kit 2.5.0
Redhat Richfaces 4.3.5
Redhat Richfaces 4.3.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started