Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jboss web framework kit vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-0149
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Web Framework Kit 2.5.0 allow remote malicious users to inject arbitrary web script or HTML via a (1) parameter or (2) id name.
Redhat Jboss Web Framework Kit 2.5.0
NA
CVE-2014-0086
The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote malicious users to cause a denial of service (memory consumption and out-of-memory error) via a large number of malformed atmosphere push requests.
Redhat Richfaces 5.0.0
Redhat Jboss Web Framework Kit 2.5.0
Redhat Richfaces 4.3.5
Redhat Richfaces 4.3.4
NA
CVE-2013-6448
The InterfaceGenerator handler in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and previous versions, as used in JBoss Web Framework Kit, allows remote malicious users to bypass the WebRemote annotation restriction and obtain information about arbitrary classes and methods...
Redhat Jboss Seam 2 Framework 2.3.1
Redhat Jboss Seam 2 Framework
Redhat Jboss Seam 2 Framework 2.3.0
Redhat Jboss Seam 2 Framework 2.0.2
Redhat Jboss Seam 2 Framework 2.0.3
Redhat Jboss Seam 2 Framework 2.1.0
Redhat Jboss Seam 2 Framework 2.2.1
Redhat Jboss Seam 2 Framework 2.0.0
Redhat Jboss Seam 2 Framework 2.1.1
Redhat Jboss Seam 2 Framework 2.1.2
Redhat Jboss Seam 2 Framework 2.0.1
Redhat Jboss Seam 2 Framework 2.2.0
Redhat Jboss Seam 2 Framework 2.2.2
NA
CVE-2013-6447
Multiple XML External Entity (XXE) vulnerabilities in the (1) ExecutionHandler, (2) PollHandler, and (3) SubscriptionHandler classes in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and previous versions, as used in JBoss Web Framework Kit, allow remote malicious users to r...
Redhat Jboss Seam 2 Framework 2.3.0
Redhat Jboss Seam 2 Framework 2.0.0
Redhat Jboss Seam 2 Framework 2.1.0
Redhat Jboss Seam 2 Framework 2.1.1
Redhat Jboss Seam 2 Framework 2.3.1
Redhat Jboss Seam 2 Framework 2.0.1
Redhat Jboss Seam 2 Framework 2.0.2
Redhat Jboss Seam 2 Framework 2.2.0
Redhat Jboss Seam 2 Framework 2.2.1
Redhat Jboss Seam 2 Framework
Redhat Jboss Seam 2 Framework 2.0.3
Redhat Jboss Seam 2 Framework 2.1.2
Redhat Jboss Seam 2 Framework 2.2.2
8.6
CVSSv3
CVE-2021-3517
There is a flaw in the xml entity encoding functionality of libxml2 in versions prior to 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most like...
Xmlsoft Libxml2
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp E-series Santricity Storage Manager -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp Manageability Software Development Kit -
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Os Controller
Netapp Hci H410c Firmware -
NA
CVE-2015-0209
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a might allow remote malicious users to cause a denial of service (memory corruption and applica...
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
9
CVSSv3
CVE-2021-45046
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with...
Apache Log4j 2.0
Apache Log4j
Intel Oneapi -
Intel Audio Development Kit -
Intel Datacenter Manager -
Intel System Debugger -
Intel Secure Device Onboard -
Intel Sensor Solution Firmware Development Kit -
Intel Computer Vision Annotation Tool -
Intel Genomics Kernel Library -
Intel System Studio -
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
193 Github repositories
9 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started