jboss vulnerabilities and exploits
VMScore: 506
CVE-2005-2006
JBOSS 3.2.2 up to and including 3.2.7 and 4.0.2 allows remote malicious users to obtain sensitive information via a GET request (1) with a "%." (percent dot), which reveals the installation path or (2) with a % (percent) before a filename, which reveals the contents of ...
Jboss Jboss 3.2.2
Jboss Jboss 3.2.5
Jboss Jboss 3.2.6
Jboss Jboss 3.2.7
Jboss Jboss 4.0.2
Jboss Jboss 3.2.3
Jboss Jboss 3.2.4
1 EDB exploit
2 Github repositories
VMScore: 668
CVE-2006-5750
Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 up to and including 4.0.5 allows remote authenticated users to read or modify arbitrary files, and possibly execute arbitrary code, via unspecified vectors related ...
Jboss Jboss Application Server 4.0.0 Final
Jboss Jboss Application Server 4.0.1 Final
Jboss Jboss Application Server 4.0.1 Sp1
Jboss Jboss Application Server 4.0.2 Final
Jboss Jboss Application Server 3.2.5 Final
Jboss Jboss Application Server 3.2.6 Final
Jboss Jboss Application Server 3.2.7 Final
Jboss Jboss Application Server 4.0.3 Final
Jboss Jboss Application Server 4.0.4.ga
Jboss Jboss Application Server 3.2.8.sp1
Jboss Jboss Application Server 3.2.8 Final
Jboss Jboss Application Server 4.0.5.ga
VMScore: 534
CVE-2007-1354
The Access Control functionality (JMXOpsAccessControlFilter) in JMX Console in JBoss Application Server 4.0.2 and 4.0.5 prior to 20070416 uses a member variable to store the roles of the current user, which allows remote authenticated administrators to trigger a race condition an...
Jboss Jboss Application Server 4.0.2.ga Cp02
Jboss Jboss Application Server 4.0.2.ga Cp03
Jboss Jboss Application Server 4.0.2.ga Cp04
Jboss Jboss Application Server 4.0.5.ga
Jboss Jboss Application Server 4.0.5 Cp01
Jboss Jboss Application Server 4.0.5 Cp02
VMScore: 755
CVE-2003-0845
Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote malicious users to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP po...
Jboss Jboss 3.0.8
Jboss Jboss 3.2.1
1 EDB exploit
VMScore: 801
CVE-2016-6330
The server in Red Hat JBoss Operations Network (JON), when SSL authentication is not configured for JON server / agent communication, allows remote malicious users to execute arbitrary code via a crafted HTTP request, related to message deserialization. NOTE: this vulnerability e...
Redhat Jboss Operations Network 3.0
Redhat Jboss Operations Network 3.3.4
Redhat Jboss Operations Network 3.3.5
Redhat Jboss Operations Network 3.1
Redhat Jboss Operations Network 3.3.2
Redhat Jboss Operations Network 3.2.0
Redhat Jboss Operations Network 3.2.2
Redhat Jboss Operations Network 3.0.1
Redhat Jboss Operations Network 3.2.3
Redhat Jboss Operations Network 3.1.2
Redhat Jboss Operations Network 3.3.1
Redhat Jboss Operations Network 3.2.1
Redhat Jboss Operations Network 3.1.1
Redhat Jboss Operations Network 3.3.6
Redhat Jboss Operations Network 3.1.4
Redhat Jboss Operations Network 3.3.3
VMScore: 676
CVE-2007-1157
Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote malicious users to perform privileged actions as administrators via certain MBean operations, a different vulnerability than CVE-2006-3733.
Jboss Jboss
VMScore: 312
CVE-2011-4573
Red Hat JBoss Operations Network (JON) prior to 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group connection properties history, which prevents such activities from be...
Redhat Jboss Operations Network
Redhat Jboss Operations Network 2.3.1
Redhat Jboss Operations Network 2.4
Redhat Jboss Operations Network 2.3
Redhat Jboss Operations Network 2.2
Redhat Jboss Operations Network 2.1.0
Redhat Jboss Operations Network 2.0.1
Redhat Jboss Operations Network 2.0.0
Redhat Jboss Operations Network 1.0.0
VMScore: 516
CVE-2012-0052
Red Hat JBoss Operations Network (JON) prior to 2.4.2 and 3.0.x prior to 3.0.1 does not check the JON agent key, which allows remote malicious users to spoof the identity of arbitrary agents via the registered agent name.
Redhat Jboss Operations Network
Redhat Jboss Operations Network 2.4
Redhat Jboss Operations Network 2.3.1
Redhat Jboss Operations Network 2.3
Redhat Jboss Operations Network 2.2
Redhat Jboss Operations Network 2.1.0
Redhat Jboss Operations Network 2.0.0
Redhat Jboss Operations Network 3.0
Redhat Jboss Operations Network 2.0.1
VMScore: 516
CVE-2012-0062
Red Hat JBoss Operations Network (JON) prior to 2.4.2 and 3.0.x prior to 3.0.1 allows remote malicious users to hijack agent sessions via an agent registration request without a security token.
Redhat Jboss Operations Network 2.0.0
Redhat Jboss Operations Network 3.0
Redhat Jboss Operations Network
Redhat Jboss Operations Network 2.4
Redhat Jboss Operations Network 2.3.1
Redhat Jboss Operations Network 2.2
Redhat Jboss Operations Network 2.0.1
Redhat Jboss Operations Network 2.3
Redhat Jboss Operations Network 2.1.0
VMScore: 445
CVE-2012-5626
EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs a...
Redhat Jboss Brms 5
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Enterprise Web Server 1.0.0
Redhat Jboss Operations Network 3.1
Redhat Jboss Portal 4.0.0
Redhat Jboss Portal 5.0.0
Redhat Jboss Soa Platform 4.2
Redhat Jboss Soa Platform 4.3
Redhat Jboss Soa Platform 5