Filtered by vendor Redhat
Subscriptions
Filtered by product Jboss Enterprise Application Platform
Subscriptions
Total
224 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-10237 | 3 Google, Oracle, Redhat | 18 Guava, Banking Payments, Communications Ip Service Activator and 15 more | 2023-11-07 | 5.9 Medium |
| Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. | ||||
| CVE-2018-1000632 | 5 Debian, Dom4j Project, Netapp and 2 more | 15 Debian Linux, Dom4j, Oncommand Workflow Automation and 12 more | 2023-11-07 | 7.5 High |
| dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later. | ||||
| CVE-2018-1000180 | 5 Bouncycastle, Debian, Netapp and 2 more | 21 Fips Java Api, Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux and 18 more | 2023-11-07 | N/A |
| Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later. | ||||
| CVE-2017-9788 | 6 Apache, Apple, Debian and 3 more | 16 Http Server, Mac Os X, Debian Linux and 13 more | 2023-11-07 | N/A |
| In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service. | ||||
| CVE-2017-7536 | 1 Redhat | 7 Enterprise Linux, Hibernate Validator, Jboss Enterprise Application Platform and 4 more | 2023-11-07 | 7.0 High |
| In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). | ||||
| CVE-2017-7525 | 5 Debian, Fasterxml, Netapp and 2 more | 22 Debian Linux, Jackson-databind, Oncommand Balance and 19 more | 2023-11-07 | 9.8 Critical |
| A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. | ||||
| CVE-2017-15095 | 5 Debian, Fasterxml, Netapp and 2 more | 25 Debian Linux, Jackson-databind, Oncommand Balance and 22 more | 2023-11-07 | 9.8 Critical |
| A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously. | ||||
| CVE-2017-12629 | 4 Apache, Canonical, Debian and 1 more | 5 Solr, Ubuntu Linux, Debian Linux and 2 more | 2023-11-07 | 9.8 Critical |
| Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external entity expansion vulnerability occurs in the XML Query Parser which is available, by default, for any query request with parameters deftype=xmlparser and can be exploited to upload malicious data to the /upload request handler or as Blind XXE using ftp wrapper in order to read arbitrary local files from the Solr server. Note also that the second vulnerability relates to remote code execution using the RunExecutableListener available on all affected versions of Solr. | ||||
| CVE-2016-8656 | 1 Redhat | 1 Jboss Enterprise Application Platform | 2023-11-07 | N/A |
| Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation. | ||||
| CVE-2016-8627 | 1 Redhat | 2 Jboss Enterprise Application Platform, Keycloak | 2023-11-07 | N/A |
| admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired. | ||||
| CVE-2016-7066 | 1 Redhat | 1 Jboss Enterprise Application Platform | 2023-11-07 | N/A |
| It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations. | ||||
| CVE-2016-7061 | 1 Redhat | 2 Enterprise Linux, Jboss Enterprise Application Platform | 2023-11-07 | N/A |
| An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. | ||||
| CVE-2016-2141 | 1 Redhat | 3 Enterprise Linux, Jboss Enterprise Application Platform, Jgroups | 2023-11-07 | 9.8 Critical |
| It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. | ||||
| CVE-2014-0226 | 4 Apache, Debian, Oracle and 1 more | 7 Http Server, Debian Linux, Enterprise Manager Ops Center and 4 more | 2023-11-07 | N/A |
| Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c. | ||||
| CVE-2014-0224 | 9 Fedoraproject, Filezilla-project, Mariadb and 6 more | 20 Fedora, Filezilla Server, Mariadb and 17 more | 2023-11-07 | 7.4 High |
| OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability. | ||||
| CVE-2014-0118 | 3 Apache, Debian, Redhat | 4 Http Server, Debian Linux, Enterprise Linux and 1 more | 2023-11-07 | N/A |
| The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size. | ||||
| CVE-2014-0035 | 2 Apache, Redhat | 2 Cxf, Jboss Enterprise Application Platform | 2023-11-07 | N/A |
| The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2014-0034 | 2 Apache, Redhat | 2 Cxf, Jboss Enterprise Application Platform | 2023-11-07 | N/A |
| The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x before 2.7.9 does not properly validate SAML tokens when caching is enabled, which allows remote attackers to gain access via an invalid SAML token. | ||||
| CVE-2013-1862 | 5 Apache, Canonical, Opensuse and 2 more | 11 Http Server, Ubuntu Linux, Opensuse and 8 more | 2023-11-07 | N/A |
| mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator. | ||||
| CVE-2012-0874 | 1 Redhat | 3 Jboss Enterprise Application Platform, Jboss Enterprise Brms Platform, Jboss Enterprise Web Platform | 2023-11-07 | N/A |
| The (1) JMXInvokerHAServlet and (2) EJBInvokerHAServlet invoker servlets in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 do not require authentication by default in certain profiles, which might allow remote attackers to invoke MBean methods and execute arbitrary code via unspecified vectors. NOTE: this issue can only be exploited when the interceptor is not properly configured with a "second layer of authentication," or when used in conjunction with other vulnerabilities that bypass this second layer. | ||||