CVE-2021-4104
- EPSS 72.2%
- Published 14.12.2021 12:15:12
- Last modified 21.11.2024 06:36:54
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppen...
CVE-2020-14340
- EPSS 0.31%
- Published 02.06.2021 13:15:08
- Last modified 21.11.2024 05:03:02
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 t...
- EPSS 71.46%
- Published 09.11.2017 17:29:00
- Last modified 20.04.2025 01:37:25
Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x...
- EPSS 0.38%
- Published 15.01.2015 15:59:00
- Last modified 12.04.2025 10:46:40
XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint.
CVE-2014-0170
- EPSS 0.53%
- Published 30.09.2014 14:55:08
- Last modified 12.04.2025 10:46:40
Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualization 6.0.0 before patch 3 allows remote attackers to read arbitrary files via a crafted request to a REST endpoint, related to an XML External Entity (XXE) issue.