Filters
Apache Tomcat- Rapid Reset HTTP/2 vulnerability
First published (updated )
redhat/log4jDeserialization of untrusted data in JMSAppender in Apache Log4j 1.2
8.1
First published (updated )
redhat/jbosswebThe fix for <a href="https://access.redhat.com/security/cve/CVE-2020-13935">CVE-2020-13935</a> was i…
7.5
First published (updated )
Redhat XnioA flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, han…
5.9
First published (updated )
Redhat Jboss Enterprise Application PlatformIn JBoss EAP 6 a security domain is configured to use a cache that is shared between all application…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Jboss Enterprise Application PlatformJBoss EAP has a vulnerability that allows local users who are able to execute init.d script to termi…
5.5
First published (updated )
Oracle FLEXCUBE Investor ServicingGoogle Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the…
5.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Utilities FrameworkAn XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML seria…
9.8
First published (updated )
Redhat Jboss Enterprise Application PlatformA vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3…
7.5
First published (updated )
Redhat Jboss Enterprise Application PlatformA deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated u…
9.8
First published (updated )
Redhat Jboss Enterprise Application PlatformIt was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroup…
7.8
First published (updated )
Apache TomcatApache Tomcat Remote Code Execution Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Enterprise Linux Server EusInput Validation, Infoleak
9.1
First published (updated )
Redhat Jboss Enterprise Application PlatformIn Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the securi…
7
First published (updated )
FasterXML jackson-databindAn unsafe deserialization vulnerability was found due to incomplete blacklisting of the unsafe eleme…
9.8
First published (updated )
Redhat Jboss Enterprise Application PlatformInput Validation
9.8
First published (updated )
Redhat Jboss Enterprise Application PlatformIt was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Jboss Enterprise Application PlatformPath Traversal
7.7
First published (updated )
Redhat Jboss Enterprise Application PlatformInfoleak
6.5
First published (updated )
redhat/apache-cxfIt was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect pe…
7.8
First published (updated )
redhat/eap7-activemq-artemisIt was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserial…
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Jboss Enterprise Application PlatformIt was discovered that the jboss init script performed unsafe file handling which could result in lo…
7.8
First published (updated )
Redhat Jboss Enterprise Application PlatformIt was found that the Apache commons-collections library permitted code execution when deserializing…
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache HTTP serverThe deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server …
4.3
First published (updated )
Apache CXFThe SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning …
4.3
First published (updated )
Redhat Jboss Enterprise Application PlatformThe security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6…
1.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Canonical Ubuntu Linuxmod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled…
4.3
First published (updated )
Redhat Jboss Enterprise Application PlatformThe EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Applicatio…
5.5
First published (updated )
Oracle HTTP Servermod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to…
5.1
First published (updated )
Redhat Jboss Enterprise Application PlatformPicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users…
1.9
First published (updated )
Redhat Jboss Enterprise Application PlatformJBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before 6.0.1, when using role-based a…
6.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Jboss Enterprise Application PlatformThe processInvocation function in org.jboss.as.ejb3.security.AuthorizationInterceptor in JBoss Enter…
5.8
First published (updated )
Redhat Jboss Enterprise Application PlatformRed Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does …
3.7
First published (updated )
Redhat Jboss Community Application ServerThe org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, …
4.3
First published (updated )