CVE-2011-2487
- EPSS 0.14%
- Published 11.03.2020 16:15:11
- Last modified 21.11.2024 01:28:23
The implementations of the PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 are susceptible to a Bleichenbacher attack.
CVE-2012-5626
- EPSS 0.18%
- Published 23.01.2020 19:15:11
- Last modified 21.11.2024 01:44:59
EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores role...
CVE-2014-0245
- EPSS 0.41%
- Published 02.01.2020 20:15:17
- Last modified 21.11.2024 02:01:44
It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible ...
CVE-2013-6495
- EPSS 0.34%
- Published 11.12.2019 14:15:09
- Last modified 21.11.2024 01:59:20
JBossWeb Bayeux has reflected XSS
- EPSS 71.46%
- Published 09.11.2017 17:29:00
- Last modified 20.04.2025 01:37:25
Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x...
CVE-2015-5176
- EPSS 0.24%
- Published 11.08.2015 14:59:11
- Last modified 12.04.2025 10:46:40
The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBoss Portal 6.2.0, does not properly enforce the security constraints of servlets, which allows remote attackers to gain access to resources via a request that asks to render a non-JS...