Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jboss vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-6495
JBossWeb Bayeux has reflected XSS
Redhat Jboss Enterprise Application Platform
Redhat Jboss Portal
4.3
CVSSv2
CVE-2011-4575
Cross-site scripting (XSS) vulnerability in the JMX console in JBoss Enterprise Application Platform (EAP) prior to 5.2.0, Web Platform (EWP) prior to 5.2.0, BRMS Platform prior to 5.3.1, and SOA Platform prior to 5.3.1 allows remote malicious users to inject arbitrary web script...
Redhat Jboss Enterprise Web Platform 5.2.0
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Brms Platform
6.8
CVSSv2
CVE-2012-0874
The (1) JMXInvokerHAServlet and (2) EJBInvokerHAServlet invoker servlets in JBoss Enterprise Application Platform (EAP) prior to 5.2.0, Web Platform (EWP) prior to 5.2.0, BRMS Platform prior to 5.3.1, and SOA Platform prior to 5.3.1 do not require authentication by default in cer...
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Web Platform 5.2.0
Redhat Jboss Enterprise Brms Platform
1 EDB exploit
4.9
CVSSv2
CVE-2012-5478
The AuthorizationInterceptor in JBoss Enterprise Application Platform (EAP) prior to 5.2.0, Web Platform (EWP) prior to 5.2.0, BRMS Platform prior to 5.3.1, and SOA Platform prior to 5.3.1 does not properly restrict access, which allows remote authenticated users to bypass intend...
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Web Platform 5.2.0
Redhat Jboss Enterprise Brms Platform
4
CVSSv2
CVE-2012-3369
The CallerIdentityLoginModule in JBoss Enterprise Application Platform (EAP) prior to 5.2.0, Web Platform (EWP) prior to 5.2.0, BRMS Platform prior to 5.3.1, and SOA Platform prior to 5.3.1 allows remote malicious users to gain privileges of the previous user via a null password,...
Redhat Jboss Enterprise Web Platform 5.2.0
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Brms Platform
5.8
CVSSv2
CVE-2012-3370
The SecurityAssociation.getCredential method in JBoss Enterprise Application Platform (EAP) prior to 5.2.0, Web Platform (EWP) prior to 5.2.0, BRMS Platform prior to 5.3.1, and SOA Platform prior to 5.3.1 returns the credentials of the previous user when a security context is not...
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Web Platform 5.2.0
Redhat Jboss Enterprise Brms Platform
4.3
CVSSv2
CVE-2008-3519
The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform (aka JBossEAP or EAP), possibly 4.2 before CP04 and 4.3 before CP02, when a production environment is enabled, sets the DownloadServerClasses property to true, which allows remote ...
Redhat Jboss Enterprise Application Platform 4.2
Redhat Jboss Enterprise Application Platform
Redhat Jboss Enterprise Application Platform 4.3
5
CVSSv2
CVE-2011-1483
wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1...
Redhat Jboss Enterprise Portal Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Soa Platform 5.1.0
Redhat Jboss Communications Platform 1.2.11
Redhat Jboss Communications Platform 5.1.1
Redhat Jboss Enterprise Brms Platform 5.1.0
Redhat Jboss Enterprise Application Platform 4.2.0
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Application Platform 5.1.1
Redhat Jboss Enterprise Portal Platform 5.1.1
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Web Platform 5.1.1
Hp Network Node Manager I 9.02
Hp Network Node Manager I 9.0
Hp Network Node Manager I 9.10
Hp Network Node Manager I 9.03
Hp Network Node Manager I 9.01
5
CVSSv2
CVE-2019-14888
A vulnerability was found in the Undertow HTTP server in versions prior to 2.0.28.SP1 when listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.
Redhat Undertow
Redhat Jboss Data Grid -
Redhat Jboss Data Grid 7.0.0
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Jboss Fuse 6.0.0
Redhat Jboss Fuse 7.0.0
Redhat Single Sign-on 7.0
Netapp Active Iq Unified Manager -
2.1
CVSSv2
CVE-2009-3554
Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 prior to 4.2.0.CP08 and 4.3 prior to 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by re...
Redhat Jboss Enterprise Application Platform 4.2
Redhat Jboss Enterprise Application Platform 4.2.0
Redhat Jboss Enterprise Application Platform 4.2.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »