Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jboss web server vulnerabilities and exploits
(subscribe to this query)
937
VMScore
CVE-2019-0232
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet i...
Apache Tomcat
Apache Tomcat 9.0.0
1 EDB exploit
8 Github repositories
892
VMScore
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the ...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
7 Github repositories
1 Article
891
VMScore
CVE-2012-5417
Cisco Prime Data Center Network Manager (DCNM) prior to 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote malicious users to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, ak...
Cisco Prime Data Center Network Manager 5.2\\(2c\\)
Cisco Prime Data Center Network Manager 5.2\\(2b\\)
Cisco Prime Data Center Network Manager 5.0\\(2\\)
Cisco Prime Data Center Network Manager 4.2\\(3\\)
Cisco Prime Data Center Network Manager 6.1\\(1b\\)
Cisco Prime Data Center Network Manager 5.1\\(3u\\)
Cisco Prime Data Center Network Manager 5.1\\(2\\)
Cisco Prime Data Center Network Manager 4.1\\(3\\)
Cisco Prime Data Center Network Manager 4.1\\(2\\)
Cisco Prime Data Center Network Manager 5.2\\(2a\\)
Cisco Prime Data Center Network Manager 5.2\\(2\\)
Cisco Prime Data Center Network Manager 4.2\\(1\\)
Cisco Prime Data Center Network Manager 4.1\\(5\\)
Cisco Prime Data Center Network Manager 4.1\\(4\\)
Cisco Prime Data Center Network Manager 6.1\\(1a\\)
Cisco Prime Data Center Network Manager 5.2\\(2e\\)
Cisco Prime Data Center Network Manager 5.1\\(1\\)
Cisco Prime Data Center Network Manager 5.0\\(3\\)
890
VMScore
CVE-2022-2068
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not dis...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Siemens Sinec Ins 1.0
Siemens Sinec Ins
Netapp Santricity Smi-s Provider -
Netapp Element Software -
Netapp Ontap Select Deploy Administration Utility -
Netapp Smi-s Provider -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapmanager -
Netapp Ontap Antivirus Connector -
Netapp Bootstrap Os -
Netapp H615c Firmware -
Netapp H610s Firmware -
Netapp H610c Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
1 Github repository
1 Article
890
VMScore
CVE-2015-9246
An issue exists in Skybox Platform prior to 7.5.201. Remote Unauthenticated Code Execution exists via a WAR archive containing a JSP file. The WAR file is sent to /skyboxview-softwareupdate/services/CollectorSoftwareUpdate and the JSP file is reached at /opt/skyboxview/thirdparty...
Skyboxsecurity Skybox Platform
828
VMScore
CVE-2014-3701
eDeploy has tmp file race condition flaws
Redhat Edeploy -
Redhat Jboss Enterprise Web Server 1.0.0
828
VMScore
CVE-2016-1834
Heap-based buffer overflow in the xmlStrncat function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to execute arbitrary code or cause a denial of service (memo...
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Apple Tvos
Apple Iphone Os
Apple Mac Os X
Apple Watchos
Debian Debian Linux 8.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Desktop 7.0
801
VMScore
CVE-2022-23307
CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.
Apache Chainsaw
Apache Log4j
Qos Reload4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Jdeveloper 12.2.1.3.0
Oracle Identity Management Suite 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Network Integrity 7.3.6
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Advanced Supply Chain Planning 12.2
Oracle Advanced Supply Chain Planning 12.1
Oracle Communications Unified Inventory Management 7.4.1
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Communications Messaging Server 8.1
Oracle Business Intelligence 5.9.0.0.0
Oracle Healthcare Foundation 8.1.0
Oracle Communications Eagle Ftp Table Base Retrieval 4.5
1 Github repository
1 Article
760
VMScore
CVE-2007-1036
The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote malicious users to bypass authentication and gain administrative access via direct requests.
Jboss Jboss Application Server
2 EDB exploits
756
VMScore
CVE-2014-0050
MultipartStream.java in Apache Commons FileUpload prior to 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's ...
Oracle Retail Applications 12.0in
Oracle Retail Applications 13.0
Oracle Retail Applications 13.3
Oracle Retail Applications 13.2
Oracle Retail Applications 12.0
Oracle Retail Applications 14.0
Oracle Retail Applications 13.1
Oracle Retail Applications 13.4
Apache Tomcat 7.0.2
Apache Tomcat 7.0.49
Apache Tomcat 7.0.12
Apache Tomcat 7.0.20
Apache Tomcat 7.0.34
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.5
Apache Commons Fileupload 1.2.2
Apache Tomcat 7.0.4
Apache Tomcat 7.0.22
Apache Tomcat 7.0.39
Apache Tomcat 7.0.26
Apache Tomcat 7.0.46
1 EDB exploit
3 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »