Redhat

Jboss Enterprise Soa Platform

17 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2011-2487

  • EPSS 0.14%
  • Published 11.03.2020 16:15:11
  • Last modified 21.11.2024 01:28:23

The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.

10

CVE-2015-7501

  • EPSS 71.46%
  • Published 09.11.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x...

6.8

CVE-2014-3518

  • EPSS 1.66%
  • Published 22.07.2014 20:55:01
  • Last modified 12.04.2025 10:46:40

jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 sp...

5

CVE-2013-4210

  • EPSS 1.27%
  • Published 01.10.2013 17:55:03
  • Last modified 11.04.2025 00:51:21

The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of s...

6.4

CVE-2012-5575

  • EPSS 12.29%
  • Published 19.08.2013 23:55:08
  • Last modified 11.04.2025 00:51:21

Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers...

5

CVE-2011-1483

  • EPSS 1.37%
  • Published 29.07.2013 13:59:54
  • Last modified 11.04.2025 00:51:21

wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communicat...

7.5

CVE-2013-2165

  • EPSS 25.71%
  • Published 23.07.2013 11:03:11
  • Last modified 11.04.2025 00:51:21

ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0...

4.6

CVE-2012-1167

  • EPSS 0.82%
  • Published 23.11.2012 20:55:02
  • Last modified 11.04.2025 00:51:21

The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm...

3.3

CVE-2012-2377

  • EPSS 0.99%
  • Published 23.11.2012 20:55:02
  • Last modified 11.04.2025 00:51:21

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent ...

7.5

CVE-2011-4605

  • EPSS 2.42%
  • Published 23.11.2012 20:55:01
  • Last modified 11.04.2025 00:51:21

The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2....