Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glassfish vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2018-14324
The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. This allows remote malicious users to obtain potentially sensitive information, perform database operations, or manipulate the demo via a...
Oracle Glassfish Server 5.0
6.8
CVSSv2
CVE-2012-0550
Unspecified vulnerability in the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Web Container.
Oracle Glassfish Server 3.1.1
1 EDB exploit
5
CVSSv2
CVE-2017-1000028
Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
Oracle Glassfish Server 4.1
3 EDB exploits
2 Github repositories
5
CVSSv2
CVE-2017-1000030
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administrati...
Oracle Glassfish Server 3.0.1
5
CVSSv2
CVE-2017-1000029
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.
Oracle Glassfish Server 3.0.1
5
CVSSv2
CVE-2018-3210
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
Oracle Glassfish Server 3.1.2
10
CVSSv2
CVE-2012-1712
Directory traversal vulnerability in the Liferay component in Oracle Sun GlassFish Web Space Server prior to 10.0 Update 7 Patch 2 has unknown impact and attack vectors.
Oracle Glassfish Web Space Server10.0 Update 7
2.1
CVSSv2
CVE-2011-3564
Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 allows local users to affect confidentiality via unknown vectors related to Administration.
Oracle Sun Glassfish Enterprise Server 2.1.1
2.4
CVSSv2
CVE-2010-2397
Unspecified vulnerability in Oracle Sun Java System Application Server 8.0, 8.1, and 8.2; and GlassFish Enterprise Server 2.1.1; allows local users to affect confidentiality and integrity, related to the GUI.
Oracle Java System Application Server 8.1
Oracle Java System Application Server 8.2
Oracle Java System Application Server 8.0
Oracle Glassfish Server 2.1.1
6.4
CVSSv2
CVE-2015-3237
The smb_request_state function in cURL and libcurl 7.40.0 up to and including 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
Haxx Libcurl 7.40.0
Haxx Libcurl 7.41.0
Haxx Curl 7.40.0
Haxx Curl 7.41.0
Haxx Curl 7.42.0
Haxx Curl 7.42.1
Haxx Libcurl 7.42.0
Haxx Libcurl 7.42.1
Hp System Management Homepage
Oracle Glassfish Server 3.1.2
Oracle Enterprise Manager Ops Center 12.1.4
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Enterprise Manager Ops Center 12.3.2
Oracle Glassfish Server 3.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »