CVE-2014-5075
- EPSS 0.18%
- Published 25.10.2014 21:55:04
- Last modified 12.04.2025 10:46:40
The Ignite Realtime Smack XMPP API 4.x before 4.0.2, and 3.x and 2.x when a custom SSLContext is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, ...
CVE-2014-0085
- EPSS 0.14%
- Published 17.04.2014 14:55:06
- Last modified 12.04.2025 10:46:40
JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This permitted sensitive information disclosure via logging to local users. Note: this description has been updated; previous text mistakenly identified the so...
CVE-2013-4372
- EPSS 0.42%
- Published 30.09.2013 21:55:07
- Last modified 11.04.2025 00:51:21
Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management Console in Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3 allow remote attackers to inject arbitrary web script or HTML via the (1) user field in the ...