Filter
-Infinity
0
Apache Tomcat- Rapid Reset HTTP/2 vulnerability
First published (updated )
maven/io.undertow:undertow-coreUndertow: improper state management in proxy protocol parsing causes information leakage
7.5
EPSS
0.10%
First published (updated )
redhat/log4jDeserialization of untrusted data in JMSAppender in Apache Log4j 1.2
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/eap7-wildflyA vulnerability was found in Wildfly's EJB Client, where accumulation of some specific EJB transacti…
6.5
First published (updated )
redhat/eap7-apache-cxfA vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the…
7.5
First published (updated )
Red Hat JBoss FuseRed Hat JBoss Fuse before 6.2.0 allows remote authenticated users to bypass intended restrictions an…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/smack-coreThe Ignite Realtime Smack XMPP API 4.x before 4.0.2, and 3.x and 2.x when a custom SSLContext is use…
6.8
First published (updated )
Red Hat JBoss A-MQJBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This perm…
2.1
First published (updated )
Red Hat HawtioThe admin terminal in Hawt.io does not require authentication, which allows remote attackers to exec…
9.8
First published (updated )
JBoss Enterprise Application PlatformIt was found that the Apache commons-collections library permitted code execution when deserializing…
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Red Hat JBoss A-MQIt was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the cred…
5.3
First published (updated )
Red Hat JBoss A-MQIt was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, de…
7.2
First published (updated )
Red Hat HawtioIt was that hawtio servlet uses a single HttpClient instance to proxy requests, with a persistent co…
First published (updated )
maven/com.fasterxml.jackson.core:jackson-databindInfoleak
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/eap7-activemq-artemisIt was found that the OpenSSL security provider does not honor TLS version in 'enabled-protocols' va…
9.1
First published (updated )
JBoss Enterprise Application PlatformUndertow DEBUG log for io.undertow.request.security if enabled leaks credentials to log files with l…
9.8
First published (updated )
redhat/eap7-activemq-artemisundertow handles certain query string characters improperly. An attacker could use this flaw to send…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/eap7-activemq-artemisA memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes a…
7.5
First published (updated )
redhat/eap7-activemq-artemisA memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tr…
6.8
First published (updated )
redhat/eap7-wildflyA vulnerability was found in Wildfly's EJB where SessionOpenInvocations may not be removed properly …
6.5
First published (updated )
XNIOA flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, han…
5.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.