Vulmon
jboss enterprise web platform vulnerabilities and exploits
NA
CVE-2011-4575
Cross-site scripting (XSS) vulnerability in the JMX console in JBoss Enterprise Application Platform (EAP) prior to 5.2.0, Web Platform (EWP) prior to 5.2.0, BRMS Platform prior to 5.3.1, and SOA Platform prior to 5.3.1 allows remote malicious users to inject arbitrary web script...
Redhat Jboss Enterprise Web Platform 5.2.0
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Brms Platform
NA
CVE-2012-0874
The (1) JMXInvokerHAServlet and (2) EJBInvokerHAServlet invoker servlets in JBoss Enterprise Application Platform (EAP) prior to 5.2.0, Web Platform (EWP) prior to 5.2.0, BRMS Platform prior to 5.3.1, and SOA Platform prior to 5.3.1 do not require authentication by default in cer...
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Web Platform 5.2.0
Redhat Jboss Enterprise Brms Platform
1 EDB exploit
NA
CVE-2013-0218
The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by read...
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Application Platform 5.1.2
Redhat Jboss Enterprise Web Platform 5.1.2
Redhat Jboss Enterprise Web Platform 5.2.0
NA
CVE-2012-5531
Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Portal in JBoss Enterprise Portal Platform 5.2.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Redhat Jboss Enterprise Portal Platform 5.2.2
NA
CVE-2012-2379
Apache CXF 2.4.x prior to 2.4.8, 2.5.x prior to 2.5.4, and 2.6.x prior to 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
Apache Cxf 2.4.6
Apache Cxf 2.4.0
Apache Cxf 2.4.3
Apache Cxf 2.4.4
Apache Cxf 2.4.2
Apache Cxf 2.4.1
Apache Cxf 2.4.7
Apache Cxf 2.4.5
Apache Cxf 2.5.2
Apache Cxf 2.5.3
Apache Cxf 2.5.0
Apache Cxf 2.5.1
Apache Cxf 2.6.0
NA
CVE-2012-3546
org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x prior to 6.0.36 and 7.x prior to 7.0.30, when FORM authentication is used, allows remote malicious users to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_...
Apache Tomcat 6.0
Apache Tomcat 6.0.14
Apache Tomcat 6.0.29
Apache Tomcat 6.0.33
Apache Tomcat 6.0.18
Apache Tomcat 6.0.1
Apache Tomcat 6.0.32
Apache Tomcat 6.0.9
Apache Tomcat 6.0.8
Apache Tomcat 6.0.2
Apache Tomcat 6.0.4
Apache Tomcat 6.0.27
Apache Tomcat 6.0.3
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.28
Apache Tomcat 6.0.0
Apache Tomcat 6.0.5
Apache Tomcat 6.0.24
Apache Tomcat 6.0.31
NA
CVE-2011-2730
VMware SpringSource Spring Framework prior to 2.5.6.SEC03, 2.5.7.SR023, and 3.x prior to 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote malicious users to obtain sensitive information via a (1) name attribute...
Springsource Spring Framework 2.5.0
Springsource Spring Framework 2.5.5
Springsource Spring Framework 2.5.6
Springsource Spring Framework 3.0.4
Springsource Spring Framework
Springsource Spring Framework 2.5.3
Springsource Spring Framework 2.5.4
Springsource Spring Framework 3.0.2
Springsource Spring Framework 3.0.3
Springsource Spring Framework 2.5.1
Springsource Spring Framework 2.5.2
Springsource Spring Framework 3.0.0
Springsource Spring Framework 3.0.1
Springsource Spring Framework 2.5.7
NA
CVE-2011-1096
The W3C XML Encryption Standard, as used in the JBoss Web Services (JBossWS) component in JBoss Enterprise Portal Platform prior to 5.2.2 and other products, when using block ciphers in cipher-block chaining (CBC) mode, allows remote malicious users to obtain plaintext data via a...
Redhat Jboss Enterprise Portal Platform 5.0.0
Redhat Jboss Enterprise Portal Platform 5.1.1
Redhat Jboss Enterprise Portal Platform 5.1.0
Redhat Jboss Enterprise Portal Platform
Redhat Jboss Enterprise Portal Platform 5.2.0
Redhat Jboss Enterprise Portal Platform 5.0.1
NA
CVE-2011-4605
The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x prior to 5.2.2, and BRMS Platform prior t...
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Application Platform 5.1.2
Redhat Jboss Enterprise Web Platform 5.1.2
Redhat Jboss Enterprise Portal Platform 5.2.1
Redhat Jboss Enterprise Portal Platform 4.3.0
Redhat Jboss Enterprise Brms Platform
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Portal Platform 5.2.0
Redhat Jboss Enterprise Soa Platform 4.3.0
NA
CVE-2011-2908
Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform prior to 5.2.2, BRMS Platform 5.3.0 before roll up patch1, and SOA Platform 5.3.0 allows remote authenticated users to hijack the authentication of arbitrary users...
Redhat Jboss Enterprise Portal Platform 5.0.0
Redhat Jboss Enterprise Portal Platform 5.1.1
Redhat Jboss Enterprise Portal Platform 5.1.0
Redhat Jboss Enterprise Portal Platform
Redhat Jboss Enterprise Brms Platform 5.3.0
Redhat Jboss Enterprise Portal Platform 5.2.0
Redhat Jboss Enterprise Soa Platform 5.3.0
Redhat Jboss Enterprise Portal Platform 5.0.1