Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat jboss enterprise soa platform 5.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-2493
The default configuration of the deployment descriptor (aka web.xml) in picketlink-sts.war in (1) the security_saml quickstart, (2) the webservice_proxy_security quickstart, (3) the web-console application, (4) the http-invoker application, (5) the gpd-deployer application, (6) t...
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 5.0.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Soa Platform
NA
CVE-2012-2377
JGroups diagnostics service in JBoss Enterprise Portal Platform prior to 5.2.2, SOA Platform prior to 5.3.0, and BRMS Platform prior to 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnos...
Redhat Jboss Enterprise Portal Platform 5.1.1
Redhat Jboss Enterprise Portal Platform 5.1.0
Redhat Jboss Enterprise Portal Platform
Redhat Jboss Enterprise Portal Platform 5.2.0
Redhat Jboss Enterprise Portal Platform 4.3.0
Redhat Jboss Enterprise Portal Platform 5.0.1
Redhat Jboss Enterprise Portal Platform 5.0.0
Redhat Jboss Enterprise Soa Platform 5.1.1
Redhat Jboss Enterprise Soa Platform 5.1.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Soa Platform
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 5.0.0
Redhat Jboss Enterprise Soa Platform 5.0.2
Redhat Jboss Enterprise Soa Platform 5.0.1
Redhat Jboss Enterprise Brms Platform
NA
CVE-2011-4085
The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform prior to 5.1.2, SOA Platform prior to 5.2.0, BRMS Platform prior to 5.3.0, and Portal Platform prior to 4.3 CP07 perform access control only for the GET and POST methods, which allow remote malicious ...
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Application Platform 5.0.1
Redhat Jboss Enterprise Application Platform 5.1.0
Redhat Jboss Enterprise Application Platform 4.2.0
Redhat Jboss Enterprise Application Platform
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Soa Platform 5.0.2
Redhat Jboss Enterprise Soa Platform 5.0.1
Redhat Jboss Enterprise Soa Platform 5.1.0
Redhat Jboss Enterprise Soa Platform
Redhat Jboss Enterprise Soa Platform 5.0.0
Redhat Jboss Enterprise Brms Platform
Redhat Jboss Enterprise Portal Platform
NA
CVE-2012-1167
The JBoss Server in JBoss Enterprise Application Platform 5.1.x prior to 5.1.2 and 5.2.x prior to 5.2.2, Web Platform prior to 5.1.2, BRMS Platform prior to 5.3.0, and SOA Platform prior to 5.3.0, when the server is configured to use the JaccAuthorizationRealm and the ignoreBaseD...
Redhat Jboss Enterprise Application Platform 5.1.1
Redhat Jboss Enterprise Application Platform 5.1.0
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Application Platform 5.2.1
Redhat Jboss Enterprise Soa Platform 5.1.0
Redhat Jboss Enterprise Soa Platform 5.0.2
Redhat Jboss Enterprise Soa Platform 5.0.1
Redhat Jboss Enterprise Soa Platform
Redhat Jboss Enterprise Soa Platform 5.1.1
Redhat Jboss Enterprise Web Platform 5.1.0
Redhat Jboss Enterprise Brms Platform
Redhat Jboss Enterprise Web Platform
Redhat Jboss Enterprise Soa Platform 5.0.0
7.5
CVSSv3
CVE-2012-5626
EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs a...
Redhat Jboss Brms 5
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Enterprise Web Server 1.0.0
Redhat Jboss Operations Network 3.1
Redhat Jboss Portal 4.0.0
Redhat Jboss Portal 5.0.0
Redhat Jboss Soa Platform 4.2
Redhat Jboss Soa Platform 4.3
Redhat Jboss Soa Platform 5
5.9
CVSSv3
CVE-2011-2487
The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J prior to 1.6.5 is susceptible to a Bleichenbacher attack.
Apache Wss4j
Apache Cxf
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Portal 4.0.0
Redhat Jboss Enterprise Web Platform 5.0.0
Redhat Jboss Business Rules Management System 5.3
Redhat Jboss Enterprise Application Platform Text-only Advisories -
Redhat Jboss Middleware Text-only Advisories -
Redhat Jboss Web Services -
NA
CVE-2011-2908
Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform prior to 5.2.2, BRMS Platform 5.3.0 before roll up patch1, and SOA Platform 5.3.0 allows remote authenticated users to hijack the authentication of arbitrary users...
Redhat Jboss Enterprise Portal Platform 5.0.0
Redhat Jboss Enterprise Portal Platform 5.1.1
Redhat Jboss Enterprise Portal Platform 5.1.0
Redhat Jboss Enterprise Portal Platform
Redhat Jboss Enterprise Brms Platform 5.3.0
Redhat Jboss Enterprise Portal Platform 5.2.0
Redhat Jboss Enterprise Soa Platform 5.3.0
Redhat Jboss Enterprise Portal Platform 5.0.1
NA
CVE-2009-5066
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and previous versions accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments.
Redhat Jboss Community Application Server 5.0.0
Redhat Jboss Enterprise Application Platform 5.0.0
NA
CVE-2012-5575
Apache CXF 2.5.x prior to 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote malicious users to force CXF to use w...
Apache Cxf 2.5.2
Apache Cxf 2.5.9
Redhat Jboss Enterprise Web Platform 5.2.0
Redhat Jboss Enterprise Soa Platform 4.3.0
Apache Cxf 2.6.0
Apache Cxf 2.5.3
Apache Cxf 2.7.3
Apache Cxf 2.5.7
Redhat Jboss Fuse Esb Enterprise 7.1.0
Apache Cxf 2.6.2
Apache Cxf 2.5.0
Apache Cxf 2.5.1
Apache Cxf 2.5.5
Apache Cxf 2.5.8
Apache Cxf 2.6.5
Apache Cxf 2.7.0
Apache Cxf 2.6.6
Apache Cxf 2.6.3
Redhat Jboss Enterprise Portal Platform 4.3.0
Apache Cxf 2.5.6
Apache Cxf 2.6.4
Apache Cxf 2.6.1
5.9
CVSSv3
CVE-2020-14340
A vulnerability exists in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the malicious user to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 up to and including 3.8.1.Final.
Redhat Xnio
Redhat Xnio 3.6.0
Redhat Jboss Operations Network 3.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Fuse 6.0.0
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Fuse 7.0.0
Redhat Jboss Data Grid 7.0.0
Redhat Jboss Brms 5
Redhat Jboss Soa Platform 5
Redhat Jboss Brms 6
Redhat Jboss Data Grid 6.0.0
Redhat Jboss Data Virtualization 6.0.0
Oracle Communications Cloud Native Core Network Repository Function 1.14.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Cloud Native Core Unified Data Repository 1.14.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.14.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.15.0
Oracle Communications Cloud Native Core Console 1.9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »