Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glassfish vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5763
In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote malicious users to load malicious code on the server via access to insecure ORB listeners.
Eclipse Glassfish
7.8
CVSSv2
CVE-2011-3559
Unspecified vulnerability in Oracle Communications Server 2.0; GlassFish Enterprise Server 2.1.1, 3.0.1, and 3.1.1; and Sun Java System App Server 8.1 and 8.2 allows remote malicious users to affect availability via unknown vectors related to Web Container.
Oracle Communications Server 2.0
Oracle Java System Application Server 8.1
Oracle Java System Application Server 8.2
Oracle Glassfish Server 3.0.1
Oracle Glassfish Server 3.1.1
Oracle Glassfish Server 2.1.1
4.3
CVSSv2
CVE-2021-3314
Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS. A malicious user can cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the web browser. The most common me...
Oracle Glassfish Server
2.6
CVSSv2
CVE-2017-3626
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to ...
Oracle Glassfish Server 3.1.2
5
CVSSv2
CVE-2018-3210
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
Oracle Glassfish Server 3.1.2
5
CVSSv2
CVE-2017-1000028
Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
Oracle Glassfish Server 4.1
3 EDB exploits
2 Github repositories
5
CVSSv2
CVE-2017-1000030
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administrati...
Oracle Glassfish Server 3.0.1
6.8
CVSSv2
CVE-2018-2911
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
Oracle Glassfish Server 3.1.2
5.8
CVSSv2
CVE-2017-10400
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration Graphical User Interface). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HT...
Oracle Glassfish Server 3.1.2
10
CVSSv2
CVE-2018-14324
The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. This allows remote malicious users to obtain potentially sensitive information, perform database operations, or manipulate the demo via a...
Oracle Glassfish Server 5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »