Filter
AND
AND

Apache Tomcat- Rapid Reset HTTP/2 vulnerability

First published (updated )

redhat/log4jDeserialization of untrusted data in JMSAppender in Apache Log4j 1.2

8.1
First published (updated )

redhat/jbosswebThe fix for <a href="https://access.redhat.com/security/cve/CVE-2020-13935">CVE-2020-13935</a> was i…

7.5
First published (updated )

Redhat XnioA flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, han…

First published (updated )

Redhat Jboss Enterprise Application PlatformIn JBoss EAP 6 a security domain is configured to use a cache that is shared between all application…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Jboss Enterprise Application PlatformXSS

First published (updated )

Redhat Jboss Enterprise Application PlatformJBoss EAP has a vulnerability that allows local users who are able to execute init.d script to termi…

First published (updated )

Oracle Utilities FrameworkInput Validation

7.5
First published (updated )

Apache TomcatLast updated 24 July 2024

7.5
First published (updated )

Oracle FLEXCUBE Investor ServicingGoogle Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Utilities FrameworkAn XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML seria…

First published (updated )

Redhat Jboss Enterprise Application PlatformA vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3…

7.5
First published (updated )

Redhat Jboss Enterprise Application PlatformA deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated u…

First published (updated )

Redhat Jboss Enterprise Application PlatformIt was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroup…

7.8
First published (updated )

Apache TomcatApache Tomcat Remote Code Execution Vulnerability

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Enterprise Linux Server EusInput Validation, Infoleak

First published (updated )

Redhat Jboss Enterprise Application PlatformIn Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the securi…

First published (updated )

FasterXML jackson-databindAn unsafe deserialization vulnerability was found due to incomplete blacklisting of the unsafe eleme…

First published (updated )

Redhat Jboss Enterprise Application PlatformInput Validation

First published (updated )

Redhat Jboss Enterprise Application PlatformIt was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Jboss Enterprise Application PlatformPath Traversal

7.7
First published (updated )

Redhat Jboss Enterprise Application PlatformInfoleak

First published (updated )

Oracle Core RdbmsLast updated 24 July 2024

7.5
First published (updated )

redhat/apache-cxfIt was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect pe…

7.8
First published (updated )

redhat/eap7-activemq-artemisIt was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserial…

7.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Jboss Enterprise Application PlatformIt was discovered that the jboss init script performed unsafe file handling which could result in lo…

7.8
First published (updated )

OpenSSL OpenSSLInfoleak, Weak Encryption

7.5
First published (updated )

Fedoraproject FedoraInput Validation

7.5
First published (updated )

Redhat Jboss Enterprise Application PlatformIt was found that the Apache commons-collections library permitted code execution when deserializing…

First published (updated )

Oracle HTTP ServerRace Condition, Buffer Overflow

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache HTTP serverThe deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server …

First published (updated )

Redhat Jboss Enterprise Application PlatformInfoleak

First published (updated )

Apache CXFThe SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning …

First published (updated )

Apache CXFInput Validation

First published (updated )

Redhat Jboss Enterprise Application PlatformThe security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6…

1.9
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Canonical Ubuntu Linuxmod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled…

First published (updated )

Redhat Jboss Enterprise Application PlatformThe EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Applicatio…

First published (updated )

Oracle HTTP Servermod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to…

First published (updated )

Redhat Jboss Enterprise Application PlatformPicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users…

1.9
First published (updated )

Redhat Jboss Enterprise Application PlatformJBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before 6.0.1, when using role-based a…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Jboss Enterprise Application PlatformThe processInvocation function in org.jboss.as.ejb3.security.AuthorizationInterceptor in JBoss Enter…

First published (updated )

Redhat Jboss Enterprise Application PlatformRed Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does …

3.7
First published (updated )

Redhat Jboss Community Application ServerThe org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, …

First published (updated )

Apache HTTP serverXSS

First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203