Filter
Apache Tomcat- Rapid Reset HTTP/2 vulnerability
First published (updated )
Redhat Jboss Enterprise Application PlatformUndertow: improper state management in proxy protocol parsing causes information leakage
7.5
EPSS
0.10%
First published (updated )
redhat/log4jDeserialization of untrusted data in JMSAppender in Apache Log4j 1.2
8.1
First published (updated )
redhat/eap7-wildflyA vulnerability was found in Wildfly's EJB Client, where accumulation of some specific EJB transacti…
6.5
First published (updated )
redhat/eap7-apache-cxfA vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Jboss FuseRed Hat JBoss Fuse before 6.2.0 allows remote authenticated users to bypass intended restrictions an…
First published (updated )
redhat/smack-coreThe Ignite Realtime Smack XMPP API 4.x before 4.0.2, and 3.x and 2.x when a custom SSLContext is use…
6.8
First published (updated )
Redhat Jboss A-mqJBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This perm…
2.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Hawt HawtioThe admin terminal in Hawt.io does not require authentication, which allows remote attackers to exec…
9.8
First published (updated )
Redhat Jboss Enterprise Application PlatformIt was found that the Apache commons-collections library permitted code execution when deserializing…
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Jboss A-mqIt was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the cred…
5.3
First published (updated )
Redhat Jboss A-mqIt was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, de…
7.2
First published (updated )
Hawt HawtioIt was that hawtio servlet uses a single HttpClient instance to proxy requests, with a persistent co…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/eap7-activemq-artemisIt was found that the OpenSSL security provider does not honor TLS version in 'enabled-protocols' va…
9.1
First published (updated )
Redhat Jboss Enterprise Application PlatformUndertow DEBUG log for io.undertow.request.security if enabled leaks credentials to log files with l…
9.8
First published (updated )
redhat/Undertowundertow handles certain query string characters improperly. An attacker could use this flaw to send…
7.8
First published (updated )
redhat/eap7-activemq-artemisA memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes a…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/eap7-activemq-artemisA memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tr…
6.8
First published (updated )
redhat/eap7-wildflyA vulnerability was found in Wildfly's EJB where SessionOpenInvocations may not be removed properly …
6.5
First published (updated )
Redhat XnioA flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, han…
5.9
First published (updated )
redhat/rh-sso7-keycloakA flaw was found in the reset credential flow in Keycloak. This flaw allows an attacker to gain unau…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.