Oracle

Glassfish Server

40 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2017-1000028

Exploit
  • EPSS 93.87%
  • Veröffentlicht 17.07.2017 13:18:16
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.

7.5

CVE-2017-1000029

  • EPSS 73.5%
  • Veröffentlicht 17.07.2017 13:18:16
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.

3.1

CVE-2017-3626

  • EPSS 0.47%
  • Veröffentlicht 24.04.2017 19:59:06
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network acc...

7.5

CVE-2017-3250

  • EPSS 0.71%
  • Veröffentlicht 27.01.2017 22:59:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with networ...

7.5

CVE-2017-3249

  • EPSS 0.76%
  • Veröffentlicht 27.01.2017 22:59:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with networ...

4.3

CVE-2017-3247

  • EPSS 0.51%
  • Veröffentlicht 27.01.2017 22:59:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network ac...

3.3

CVE-2017-3239

  • EPSS 0.04%
  • Veröffentlicht 27.01.2017 22:59:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to...

9

CVE-2016-5528

  • EPSS 0.91%
  • Veröffentlicht 27.01.2017 22:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with netw...

8.8

CVE-2016-5519

  • EPSS 1.1%
  • Veröffentlicht 25.10.2016 14:29:55
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Java Server Faces.

5.8

CVE-2016-5477

  • EPSS 0.35%
  • Veröffentlicht 21.07.2016 10:15:34
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1 and 3.0.1 allows remote attackers to affect confidentiality via vectors related to Administration.