enterprise application platform vulnerabilities and exploits
6.5
CVSSv3
CVE-2014-0169
In JBoss EAP 6 a security domain is configured to use a cache that is shared between all applications that are in the security domain. This could allow an authenticated user in one application to access protected resources in another application without proper authorization. Alth...
Redhat Jboss Enterprise Application Platform 6.0.0
9.8
CVSSv3
CVE-2017-7503
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.
Redhat Jboss Enterprise Application Platform 7.0.5
NA
CVE-2011-4608
mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote malicious users to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credenti...
Redhat Jboss Enterprise Application Platform 5.1.2
4.3
CVSSv3
CVE-2019-14820
It was found that Keycloak before version 8.0.0 exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially crafted URL. This vulnerability could allow a malicious user to access unauthorized information.
Redhat Keycloak
Redhat Single Sign-on 7.3
Redhat Jboss Enterprise Application Platform 6.4.0
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Jboss Fuse 7.0.0
5.9
CVSSv3
CVE-2021-3629
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions before...
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform -
Redhat Wildfly Core
Redhat Integration -
Redhat Undertow
Redhat Jboss Enterprise Application Platform 7.4
Redhat Jboss Enterprise Application Platform 7.3
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
5.3
CVSSv3
CVE-2022-0866
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field ...
Redhat Openstack Platform 13.0
Redhat Wildfly
Redhat Jboss Enterprise Application Platform
6.5
CVSSv3
CVE-2019-14900
A flaw was found in Hibernate ORM in versions prior to 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an malic...
Hibernate Hibernate Orm
Redhat Decision Manager 7.0
Redhat Openstack 10
Redhat Single Sign-on -
Redhat Jboss Data Grid 7.0.0
Redhat Jboss Middleware Text-only Advisories -
Redhat Openstack 14
Redhat Openstack 13
Redhat Jboss Enterprise Application Platform -
Redhat Build Of Quarkus -
Redhat Fuse
Quarkus Quarkus
Redhat Jboss Enterprise Application Platform 7.3
Redhat Jboss Enterprise Application Platform 7.4
Redhat Jboss Enterprise Application Platform 7.2
1 Github repository
5.5
CVSSv3
CVE-2020-14317
It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery (EAP-CD) introducing regression. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing...
Redhat Wildfly -
Redhat Jboss Enterprise Application Platform -
NA
CVE-2007-4758
Multiple buffer overflows in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote malicious users to cause a denial of service or execute arbitrary code via unspecified vectors.
Hitachi Ucosminexus Service Platform 07 00 03
Hitachi Ucosminexus Application Server Standard 07 00 01
Hitachi Ucosminexus Application Server Enterprise 7 20 01
Hitachi Ucosminexus Application Server Enterprise 07 10 01
Hitachi Ucosminexus Service Platform 07 00
Hitachi Ucosminexus Application Server Enterprise 7 20
Hitachi Ucosminexus Application Server Standard 07 00
Hitachi Ucosminexus Application Server Standard 7 10 01
Hitachi Ucosminexus Application Server Standard 07 10
Hitachi Ucosminexus Application Server Enterprise 07 00
Hitachi Ucosminexus Service Platform 7 20 01
Hitachi Ucosminexus Application Server Enterprise 07 00 01
Hitachi Ucosminexus Application Server Enterprise 07 10
Hitachi Ucosminexus Service Platform 07 10 01
Hitachi Ucosminexus Application Server Standard 07 00 03
Hitachi Ucosminexus Service Platform 07 00 02
Hitachi Ucosminexus Service Platform 07 20
Hitachi Ucosminexus Service Platform 07 10
Hitachi Ucosminexus Application Server Standard 7 20
Hitachi Ucosminexus Service Platform 07 00 01
Hitachi Ucosminexus Application Server Standard 7 20 01
Hitachi Ucosminexus Application Server Enterprise 07 00 03
NA
CVE-2007-4759
Multiple unspecified vulnerabilities in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote malicious users to cause a denial of service via unspecified vectors.
Hitachi Ucosminexus Service Platform 07 00 03
Hitachi Ucosminexus Application Server Standard 07 00 01
Hitachi Ucosminexus Application Server Enterprise 7 20 01
Hitachi Ucosminexus Application Server Enterprise 07 10 01
Hitachi Ucosminexus Service Platform 07 00
Hitachi Ucosminexus Application Server Enterprise 7 20
Hitachi Ucosminexus Application Server Standard 07 00
Hitachi Ucosminexus Application Server Standard 7 10 01
Hitachi Ucosminexus Application Server Standard 07 10
Hitachi Ucosminexus Application Server Enterprise 07 00
Hitachi Ucosminexus Service Platform 7 20 01
Hitachi Ucosminexus Application Server Enterprise 07 00 01
Hitachi Ucosminexus Application Server Enterprise 07 10
Hitachi Ucosminexus Service Platform 07 10 01
Hitachi Ucosminexus Application Server Standard 07 00 03
Hitachi Ucosminexus Service Platform 07 00 02
Hitachi Ucosminexus Service Platform 07 20
Hitachi Ucosminexus Service Platform 07 10
Hitachi Ucosminexus Application Server Standard 7 20
Hitachi Ucosminexus Service Platform 07 00 01
Hitachi Ucosminexus Application Server Standard 7 20 01
Hitachi Ucosminexus Application Server Enterprise 07 00 03