Filter
AND
-Infinity
0
Trending
redhat/log4jDeserialization of untrusted data in JMSAppender in Apache Log4j 1.2
8.1
First published (updated )
Apache Tomcat- Rapid Reset HTTP/2 vulnerability
First published (updated )
TomcatApache Tomcat Remote Code Execution Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Red Hat Enterprise Linux ServerLast updated 24 July 2024
7.5
First published (updated )
JBoss Enterprise Application PlatformInput Validation
9.8
First published (updated )
FasterXML Jackson DatabindAn unsafe deserialization vulnerability was found due to incomplete blacklisting of the unsafe eleme…
9.8
First published (updated )
JBoss Enterprise Application PlatformIn Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the securi…
7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JBoss Enterprise Application PlatformRed Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does …
3.7
First published (updated )
Red Hat JBoss Community Application ServerThe org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, …
4.3
First published (updated )
JBoss Enterprise Application PlatformJBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before 6.0.1, when using role-based a…
6.4
First published (updated )
JBoss Enterprise Application PlatformThe processInvocation function in org.jboss.as.ejb3.security.AuthorizationInterceptor in JBoss Enter…
5.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JBoss Enterprise Application PlatformThe EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Applicatio…
5.5
First published (updated )
Oracle HTTP Servermod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to…
5.1
First published (updated )
Red Hat Enterprise Linux Servermod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled…
4.3
First published (updated )
JBoss Enterprise Application PlatformPicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users…
1.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Http ServerThe deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server …
4.3
First published (updated )
JBoss Enterprise Application PlatformIn JBoss EAP 6 a security domain is configured to use a cache that is shared between all application…
6.5
First published (updated )
JBoss Enterprise Application PlatformThe security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6…
1.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache CXFThe SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning …
4.3
First published (updated )
JBoss Enterprise Application PlatformIt was found that the Apache commons-collections library permitted code execution when deserializing…
10
First published (updated )
JBoss Enterprise Application PlatformIt was discovered that the jboss init script performed unsafe file handling which could result in lo…
7.8
First published (updated )
redhat/apache-cxfIt was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect pe…
7.8
First published (updated )
redhat/eap7-activemq-artemisIt was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserial…
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.