CVE-2011-2487
- EPSS 0.14%
- Veröffentlicht 11.03.2020 16:15:11
- Zuletzt bearbeitet 21.11.2024 01:28:23
The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.
- EPSS 71.46%
- Veröffentlicht 09.11.2017 17:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x...
CVE-2014-3518
- EPSS 1.66%
- Veröffentlicht 22.07.2014 20:55:01
- Zuletzt bearbeitet 12.04.2025 10:46:40
jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 sp...
- EPSS 1.27%
- Veröffentlicht 01.10.2013 17:55:03
- Zuletzt bearbeitet 11.04.2025 00:51:21
The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of s...
CVE-2012-5575
- EPSS 12.29%
- Veröffentlicht 19.08.2013 23:55:08
- Zuletzt bearbeitet 11.04.2025 00:51:21
Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers...
- EPSS 1.37%
- Veröffentlicht 29.07.2013 13:59:54
- Zuletzt bearbeitet 11.04.2025 00:51:21
wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communicat...
CVE-2013-2165
- EPSS 25.71%
- Veröffentlicht 23.07.2013 11:03:11
- Zuletzt bearbeitet 11.04.2025 00:51:21
ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0...
CVE-2012-1167
- EPSS 0.82%
- Veröffentlicht 23.11.2012 20:55:02
- Zuletzt bearbeitet 11.04.2025 00:51:21
The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm...
CVE-2012-2377
- EPSS 0.99%
- Veröffentlicht 23.11.2012 20:55:02
- Zuletzt bearbeitet 11.04.2025 00:51:21
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent ...
CVE-2011-4605
- EPSS 2.42%
- Veröffentlicht 23.11.2012 20:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2....