Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jboss enterprise portal platform vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4424
Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Portal component in Red Hat JBoss Portal 6.1.0 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Redhat Jboss Enterprise Portal Platform 6.1.0
NA
CVE-2012-5575
Apache CXF 2.5.x prior to 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote malicious users to force CXF to use w...
Apache Cxf 2.5.2
Apache Cxf 2.5.9
Redhat Jboss Enterprise Web Platform 5.2.0
Redhat Jboss Enterprise Soa Platform 4.3.0
Apache Cxf 2.6.0
Apache Cxf 2.5.3
Apache Cxf 2.7.3
Apache Cxf 2.5.7
Redhat Jboss Fuse Esb Enterprise 7.1.0
Apache Cxf 2.6.2
Apache Cxf 2.5.0
Apache Cxf 2.5.1
Apache Cxf 2.5.5
Apache Cxf 2.5.8
Apache Cxf 2.6.5
Apache Cxf 2.7.0
Apache Cxf 2.6.6
Apache Cxf 2.6.3
Redhat Jboss Enterprise Portal Platform 4.3.0
Apache Cxf 2.5.6
Apache Cxf 2.6.4
Apache Cxf 2.6.1
NA
CVE-2011-1483
wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1...
Redhat Jboss Enterprise Portal Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Soa Platform 5.1.0
Redhat Jboss Communications Platform 1.2.11
Redhat Jboss Communications Platform 5.1.1
Redhat Jboss Enterprise Brms Platform 5.1.0
Redhat Jboss Enterprise Application Platform 4.2.0
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Application Platform 5.1.1
Redhat Jboss Enterprise Portal Platform 5.1.1
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Web Platform 5.1.1
Hp Network Node Manager I 9.02
Hp Network Node Manager I 9.0
Hp Network Node Manager I 9.10
Hp Network Node Manager I 9.03
Hp Network Node Manager I 9.01
NA
CVE-2013-0315
The GateIn Portal export/import gadget in JBoss Enterprise Portal Platform 5.2.2 allows remote malicious users to read arbitrary files via a crafted external XML entity in an XML document, aka an XML Entity Expansion (XEE) attack.
Redhat Jboss Enterprise Portal Platform 5.2.2
NA
CVE-2013-0314
The GateIn Portal export/import gadget in JBoss Enterprise Portal Platform 5.2.2 does not properly check authentication when importing Zip files, which allows remote malicious users to modify site contents, remove the site, or alter the access controls for portlets.
Redhat Jboss Enterprise Portal Platform 5.2.2
NA
CVE-2012-5531
Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Portal in JBoss Enterprise Portal Platform 5.2.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Redhat Jboss Enterprise Portal Platform 5.2.2
NA
CVE-2012-3546
org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x prior to 6.0.36 and 7.x prior to 7.0.30, when FORM authentication is used, allows remote malicious users to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_...
Apache Tomcat 6.0
Apache Tomcat 6.0.14
Apache Tomcat 6.0.29
Apache Tomcat 6.0.33
Apache Tomcat 6.0.18
Apache Tomcat 6.0.1
Apache Tomcat 6.0.32
Apache Tomcat 6.0.9
Apache Tomcat 6.0.8
Apache Tomcat 6.0.2
Apache Tomcat 6.0.4
Apache Tomcat 6.0.27
Apache Tomcat 6.0.3
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.28
Apache Tomcat 6.0.0
Apache Tomcat 6.0.5
Apache Tomcat 6.0.24
Apache Tomcat 6.0.31
NA
CVE-2011-4085
The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform prior to 5.1.2, SOA Platform prior to 5.2.0, BRMS Platform prior to 5.3.0, and Portal Platform prior to 4.3 CP07 perform access control only for the GET and POST methods, which allow remote malicious ...
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Application Platform 5.0.1
Redhat Jboss Enterprise Application Platform 5.1.0
Redhat Jboss Enterprise Application Platform 4.2.0
Redhat Jboss Enterprise Application Platform
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Soa Platform 5.0.2
Redhat Jboss Enterprise Soa Platform 5.0.1
Redhat Jboss Enterprise Soa Platform 5.1.0
Redhat Jboss Enterprise Soa Platform
Redhat Jboss Enterprise Soa Platform 5.0.0
Redhat Jboss Enterprise Brms Platform
Redhat Jboss Enterprise Portal Platform
NA
CVE-2011-2908
Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform prior to 5.2.2, BRMS Platform 5.3.0 before roll up patch1, and SOA Platform 5.3.0 allows remote authenticated users to hijack the authentication of arbitrary users...
Redhat Jboss Enterprise Portal Platform 5.0.0
Redhat Jboss Enterprise Portal Platform 5.1.1
Redhat Jboss Enterprise Portal Platform 5.1.0
Redhat Jboss Enterprise Portal Platform
Redhat Jboss Enterprise Brms Platform 5.3.0
Redhat Jboss Enterprise Portal Platform 5.2.0
Redhat Jboss Enterprise Soa Platform 5.3.0
Redhat Jboss Enterprise Portal Platform 5.0.1
NA
CVE-2012-2377
JGroups diagnostics service in JBoss Enterprise Portal Platform prior to 5.2.2, SOA Platform prior to 5.3.0, and BRMS Platform prior to 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnos...
Redhat Jboss Enterprise Portal Platform 5.1.1
Redhat Jboss Enterprise Portal Platform 5.1.0
Redhat Jboss Enterprise Portal Platform
Redhat Jboss Enterprise Portal Platform 5.2.0
Redhat Jboss Enterprise Portal Platform 4.3.0
Redhat Jboss Enterprise Portal Platform 5.0.1
Redhat Jboss Enterprise Portal Platform 5.0.0
Redhat Jboss Enterprise Soa Platform 5.1.1
Redhat Jboss Enterprise Soa Platform 5.1.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Soa Platform
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 5.0.0
Redhat Jboss Enterprise Soa Platform 5.0.2
Redhat Jboss Enterprise Soa Platform 5.0.1
Redhat Jboss Enterprise Brms Platform
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »