Redhat

Jboss Enterprise Application Platform

236 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2011-2196

  • EPSS 1.22%
  • Published 27.07.2011 02:55:01
  • Last modified 11.04.2025 00:51:21

jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP05 and 5.1.0; JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3.0, 4.3.0.CP09, and 5.1.1; and JBoss Enter...

6.8

CVE-2011-1484

  • EPSS 1.2%
  • Published 27.07.2011 02:42:27
  • Last modified 11.04.2025 00:51:21

jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP04 and 5.1.0 and JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3.0.CP09 and 5.1.0, does not properly re...

2.6

CVE-2010-4265

  • EPSS 1.03%
  • Published 30.12.2010 21:00:02
  • Last modified 11.04.2025 00:51:21

The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x before 2.2.3.SP4 and 2.5.x before 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 t...

7.5

CVE-2010-3708

  • EPSS 2.42%
  • Published 30.12.2010 21:00:01
  • Last modified 11.04.2025 00:51:21

The serialization implementation in JBoss Drools in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 before 4.3.0.CP09 and JBoss Enterprise SOA Platform 4.2 and 4.3 supports the embedding of class files, which allows remote ...

2.6

CVE-2010-3862

  • EPSS 1.39%
  • Published 30.12.2010 21:00:01
  • Last modified 11.04.2025 00:51:21

The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x before 2.2.3.SP4 and 2.5.x before 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 t...

4.3

CVE-2010-3878

  • EPSS 0.14%
  • Published 30.12.2010 21:00:01
  • Last modified 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the JMX Console in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 before 4.3.0.CP09 allows remote attackers to hijack the authentication of administrators for requests tha...

8.8

CVE-2010-1871

Warning
  • EPSS 93.82%
  • Published 05.08.2010 13:23:09
  • Last modified 11.04.2025 00:51:21

JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a craf...

5.3

CVE-2010-0738

Warning Exploit
  • EPSS 92.37%
  • Published 28.04.2010 22:30:00
  • Last modified 11.04.2025 00:51:21

The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attack...

7.5

CVE-2010-1428

Warning Exploit
  • EPSS 64.97%
  • Published 28.04.2010 22:30:00
  • Last modified 11.04.2025 00:51:21

The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote atta...

5

CVE-2010-1429

  • EPSS 21.19%
  • Published 28.04.2010 22:30:00
  • Last modified 11.04.2025 00:51:21

Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demon...