Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jboss_enterprise_application_platform vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2019-10202
A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by impleme...
Redhat Jboss Enterprise Application Platform 7.2.0
570
VMScore
CVE-2017-2666
It exists in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manip...
Redhat Undertow -
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Jboss Enterprise Application Platform 7.1.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
231
VMScore
CVE-2010-3862
The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x prior to 2.2.3.SP4 and 2.5.x prior to 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 up to and including 4.3.0.C...
Redhat Jboss Remoting 2.2.2
Redhat Jboss Remoting 2.2.3
Redhat Jboss Remoting 2.2.0
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Application Platform 5.1.0
Redhat Jboss Enterprise Web Platform 5.1.0
409
VMScore
CVE-2021-3717
A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability. This ...
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform -
Redhat Wildfly Core
Redhat Jboss Enterprise Application Platform 7.4
Redhat Jboss Enterprise Application Platform 7.3
231
VMScore
CVE-2010-4265
The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x prior to 2.2.3.SP4 and 2.5.x prior to 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 up to and including 4.3.0.C...
Redhat Jboss Remoting 2.2.0
Redhat Jboss Remoting 2.2.2
Redhat Jboss Remoting 2.2.3
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Application Platform 5.1.0
Redhat Jboss Enterprise Web Platform 5.1.0
383
VMScore
CVE-2020-10688
A cross-site scripting (XSS) flaw was found in RESTEasy in versions prior to 3.11.1.Final and prior to 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.
Redhat Jboss Enterprise Application Platform -
Redhat Openshift Application Runtimes -
Redhat Resteasy
Redhat Fuse 1.0
Redhat Jboss Enterprise Application Platform 7.3
Redhat Jboss Enterprise Application Platform 7.4
570
VMScore
CVE-2020-10719
A flaw was found in Undertow in versions prior to 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an malicious user to take advantage of HTTP request smuggling.
Redhat Undertow
Netapp Oncommand Insight
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform -
Redhat Openshift Application Runtimes -
Redhat Fuse 1.0
Redhat Jboss Enterprise Application Platform 7.3
Redhat Jboss Enterprise Application Platform 7.4
Redhat Jboss Enterprise Application Platform 7.2
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
383
VMScore
CVE-2019-10212
A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.
Redhat Undertow
Redhat Jboss Data Grid -
Redhat Jboss Data Grid
Redhat Jboss Enterprise Application Platform -
Redhat Jboss Fuse
Redhat Openshift Application Runtimes -
Redhat Single Sign-on
Netapp Active Iq Unified Manager -
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Redhat Jboss Enterprise Application Platform 7.4
435
VMScore
CVE-2008-0455
Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and previous versions in the 2.2.x series, 2.0.61 and previous versions in the 2.0.x series, and 1.3.39 and previous versions in the 1.3.x series allows remote authenticated use...
Apache Http Server
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 5.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 6.4.0
1 EDB exploit
NA
CVE-2023-3171
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an malicious user to submit malicious requests using these classes, which could eventually exhaus...
Redhat Jboss Enterprise Application Platform 7.4
Redhat Jboss Enterprise Application Platform -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »