Oracle

Glassfish Server

40 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2017-1000028

Exploit
  • EPSS 93.87%
  • Published 17.07.2017 13:18:16
  • Last modified 20.04.2025 01:37:25

Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.

7.5

CVE-2017-1000029

  • EPSS 73.5%
  • Published 17.07.2017 13:18:16
  • Last modified 20.04.2025 01:37:25

Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.

3.1

CVE-2017-3626

  • EPSS 0.47%
  • Published 24.04.2017 19:59:06
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network acc...

7.5

CVE-2017-3250

  • EPSS 0.71%
  • Published 27.01.2017 22:59:02
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with networ...

7.5

CVE-2017-3249

  • EPSS 0.76%
  • Published 27.01.2017 22:59:02
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with networ...

4.3

CVE-2017-3247

  • EPSS 0.51%
  • Published 27.01.2017 22:59:02
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network ac...

3.3

CVE-2017-3239

  • EPSS 0.04%
  • Published 27.01.2017 22:59:02
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to...

9

CVE-2016-5528

  • EPSS 0.91%
  • Published 27.01.2017 22:59:00
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with netw...

8.8

CVE-2016-5519

  • EPSS 1.1%
  • Published 25.10.2016 14:29:55
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Java Server Faces.

5.8

CVE-2016-5477

  • EPSS 0.35%
  • Published 21.07.2016 10:15:34
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1 and 3.0.1 allows remote attackers to affect confidentiality via vectors related to Administration.