CVE-2021-4104
- EPSS 72.2%
- Veröffentlicht 14.12.2021 12:15:12
- Zuletzt bearbeitet 21.11.2024 06:36:54
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppen...
CVE-2020-14340
- EPSS 0.31%
- Veröffentlicht 02.06.2021 13:15:08
- Zuletzt bearbeitet 21.11.2024 05:03:02
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 t...
- EPSS 71.46%
- Veröffentlicht 09.11.2017 17:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x...
- EPSS 0.38%
- Veröffentlicht 15.01.2015 15:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint.
CVE-2014-0170
- EPSS 0.53%
- Veröffentlicht 30.09.2014 14:55:08
- Zuletzt bearbeitet 12.04.2025 10:46:40
Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualization 6.0.0 before patch 3 allows remote attackers to read arbitrary files via a crafted request to a REST endpoint, related to an XML External Entity (XXE) issue.