Filter
Redhat Jboss Enterprise Application PlatformIt was found that the Apache commons-collections library permitted code execution when deserializing…
10
First published (updated )
Redhat Jboss Enterprise Application PlatformUndertow DEBUG log for io.undertow.request.security if enabled leaks credentials to log files with l…
9.8
First published (updated )
Hawt HawtioThe admin terminal in Hawt.io does not require authentication, which allows remote attackers to exec…
9.8
First published (updated )
redhat/eap7-activemq-artemisIt was found that the OpenSSL security provider does not honor TLS version in 'enabled-protocols' va…
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Hawt HawtioIt was that hawtio servlet uses a single HttpClient instance to proxy requests, with a persistent co…
First published (updated )
redhat/rh-sso7-keycloakA flaw was found in the reset credential flow in Keycloak. This flaw allows an attacker to gain unau…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/log4jDeserialization of untrusted data in JMSAppender in Apache Log4j 1.2
8.1
First published (updated )
redhat/Undertowundertow handles certain query string characters improperly. An attacker could use this flaw to send…
7.8
First published (updated )
Redhat Jboss Enterprise Application PlatformUndertow: improper state management in proxy protocol parsing causes information leakage
7.5
EPSS
0.10%
First published (updated )
redhat/eap7-elytron-webThe embedded managed process API has two methods exposed as public methods which can bypass the secu…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/eap7-elytron-webA flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM…
7.5
First published (updated )
redhat/eap7-activemq-artemisA memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes a…
7.5
First published (updated )
redhat/eap7-apache-cxfA vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the…
7.5
First published (updated )
Apache Tomcat- Rapid Reset HTTP/2 vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/eap7-undertowA flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious r…
7.5
First published (updated )
Redhat Jboss A-mqIt was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, de…
7.2
First published (updated )
redhat/smack-coreThe Ignite Realtime Smack XMPP API 4.x before 4.0.2, and 3.x and 2.x when a custom SSLContext is use…
6.8
First published (updated )
redhat/eap7-activemq-artemisA memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tr…
6.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/eap7-wildflyA vulnerability was found in Wildfly's EJB where SessionOpenInvocations may not be removed properly …
6.5
First published (updated )
redhat/eap7-wildflyA vulnerability was found in Wildfly's EJB Client, where accumulation of some specific EJB transacti…
6.5
First published (updated )
Redhat Jboss FuseRed Hat JBoss Fuse before 6.2.0 allows remote authenticated users to bypass intended restrictions an…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.