Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jboss_enterprise_application_platform vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-2670
It was found in Undertow prior to 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
Redhat Undertow
Debian Debian Linux 9.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Jboss Enterprise Application Platform 7.1.0
6.5
CVSSv3
CVE-2017-2666
It exists in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manip...
Redhat Undertow -
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Jboss Enterprise Application Platform 7.1.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2017-2582
It was found that while parsing the SAML messages the StaxParserUtil class of keycloak prior to 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an malicious user to determine values of system properties at the attacked system b...
Redhat Keycloak
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Jboss Enterprise Application Platform 7.1.0
Redhat Jboss Enterprise Application Platform 6.4.0
7.5
CVSSv3
CVE-2018-1000180
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and previous versions have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fi...
Bouncycastle Fips Java Api
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Debian Debian Linux 9.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Api Gateway 11.1.2.4.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Retail Xstore Point Of Service 7.0
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Soa Suite 12.1.3.0.0
Oracle Soa Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Managed File Transfer 12.2.1.3.0
Oracle Communications Converged Application Server
Oracle Communications Webrtc Session Controller
Oracle Retail Convenience And Fuel Pos Software 2.8.1
1 Github repository
7
CVSSv3
CVE-2017-7536
In Hibernate Validator 5.2.x prior to 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occ...
Redhat Hibernate Validator
Redhat Satellite 6.4
Redhat Satellite Capsule 6.4
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 6.4.0
Redhat Jboss Enterprise Application Platform 7.0
Redhat Jboss Enterprise Application Platform 7.1
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
2 Github repositories
9.1
CVSSv3
CVE-2017-9788
In Apache httpd prior to 2.2.34 and 2.4.x prior to 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '...
Apache Http Server
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Apple Mac Os X
Netapp Storage Automation Store -
Netapp Oncommand Unified Manager -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Server Eus 7.5
1 Github repository
8.8
CVSSv3
CVE-2016-5406
The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x prior to 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves.
Redhat Jboss Enterprise Application Platform
NA
CVE-2010-3862
The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x prior to 2.2.3.SP4 and 2.5.x prior to 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 up to and including 4.3.0.C...
Redhat Jboss Remoting 2.2.2
Redhat Jboss Remoting 2.2.3
Redhat Jboss Remoting 2.2.0
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Application Platform 5.1.0
Redhat Jboss Enterprise Web Platform 5.1.0
NA
CVE-2010-4265
The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x prior to 2.2.3.SP4 and 2.5.x prior to 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 up to and including 4.3.0.C...
Redhat Jboss Remoting 2.2.0
Redhat Jboss Remoting 2.2.2
Redhat Jboss Remoting 2.2.3
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Application Platform 5.1.0
Redhat Jboss Enterprise Web Platform 5.1.0
NA
CVE-2010-1871
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote malicious users to execute arbitrary code via a crafted URL. NOTE: this is o...
Redhat Jboss Enterprise Application Platform 4.3.0
1 EDB exploit
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »