Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat fuse 1.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2013-6469
JBoss Overlord Run Time Governance (RTGov) 1.0 for JBossAS allows remote authenticated users to execute arbitrary Java code via an MVFLEX Expression Language (MVEL) expression. NOTE: some of these details are obtained from third party information.
Redhat Jboss Fuse Service Works 6.0
Redhat Jboss Overlord Run Time Governance 1.0
6.1
CVSSv3
CVE-2020-10688
A cross-site scripting (XSS) flaw was found in RESTEasy in versions prior to 3.11.1.Final and prior to 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.
Redhat Fuse 1.0
Redhat Jboss Enterprise Application Platform -
Redhat Openshift Application Runtimes -
Redhat Resteasy
Redhat Jboss Enterprise Application Platform 7.3
Redhat Jboss Enterprise Application Platform 7.4
8.8
CVSSv3
CVE-2019-10174
A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious be...
Infinispan Infinispan
Redhat Fuse 1.0
Redhat Jboss Data Grid -
Redhat Jboss Enterprise Application Platform -
Redhat Openshift Application Runtimes -
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform 7.2
Netapp Active Iq Unified Manager -
7.5
CVSSv3
CVE-2021-3690
A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an malicious user to cause a denial of service. The highest threat from this vulnerability is availability.
Redhat Fuse 1.0
Redhat Integration Camel K -
Redhat Integration Camel Quarkus -
Redhat Jboss Enterprise Application Platform -
Redhat Openshift Application Runtimes -
Redhat Single Sign-on -
Redhat Undertow
Redhat Jboss Enterprise Application Platform 7.3
Redhat Jboss Enterprise Application Platform 7.4
6.5
CVSSv3
CVE-2020-10719
A flaw was found in Undertow in versions prior to 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an malicious user to take advantage of HTTP request smuggling.
Redhat Undertow
Netapp Oncommand Insight
Redhat Fuse 1.0
Redhat Jboss Enterprise Application Platform -
Redhat Openshift Application Runtimes -
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform 7.3
Redhat Jboss Enterprise Application Platform 7.4
Redhat Jboss Enterprise Application Platform 7.2
Netapp Active Iq Unified Manager -
Netapp Oncommand Workflow Automation -
5.9
CVSSv3
CVE-2021-3597
A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions before 2.0.35.SP1, before 2.2.6.SP1, bef...
Redhat Fuse 1.0
Redhat Jboss Enterprise Application Platform -
Redhat Openshift Application Runtimes -
Redhat Single Sign-on -
Redhat Undertow
Redhat Undertow 2.0.35
Redhat Undertow 2.0.36
Redhat Undertow 2.0.39
Redhat Undertow 2.2.6
Redhat Undertow 2.2.7
Redhat Undertow 2.2.9
Redhat Jboss Enterprise Application Platform 7.3
7.5
CVSSv3
CVE-2019-9518
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. ...
Apple Swiftnio
Apache Traffic Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Synology Diskstation Manager 6.2
Synology Skynas -
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
2 Articles
7.5
CVSSv3
CVE-2019-9515
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame ...
Apple Swiftnio
Apache Traffic Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Synology Diskstation Manager 6.2
Synology Skynas -
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
7.5
CVSSv3
CVE-2019-9514
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer...
Apple Swiftnio
Apache Traffic Server
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Synology Diskstation Manager 6.2
Synology Skynas -
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
1 Article
7.5
CVSSv3
CVE-2019-9513
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consu...
Apple Swiftnio
Apache Traffic Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Synology Diskstation Manager 6.2
Synology Skynas -
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
1 Article
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-21317
CVE-2025-23940
buffer overflow
CVE-2025-21335
CVE-2025-23860
CVE-2024-57704
SSTI
wireless
CVE-2019-3309
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »