| Max CVSS | 7.8 | Min CVSS | 3.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-2908 | 6.0 |
Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform before 5.2.2, BRMS Platform 5.3.0 before roll up patch1, and SOA Platform 5.3.0 allows remote authenticated users to hijack the authe
|
13-02-2023 - 04:32 | 23-11-2012 - 20:55 | |
| CVE-2011-4605 | 7.5 |
The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.
|
13-02-2023 - 00:22 | 23-11-2012 - 20:55 | |
| CVE-2009-2625 | 5.0 |
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop a
|
13-05-2022 - 14:44 | 06-08-2009 - 15:30 | |
| CVE-2011-4838 | 5.0 |
JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintai
|
12-01-2021 - 14:30 | 30-12-2011 - 01:55 | |
| CVE-2012-1167 | 4.6 |
The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm
|
29-08-2017 - 01:31 | 23-11-2012 - 20:55 | |
| CVE-2012-2377 | 3.3 |
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent
|
29-08-2017 - 01:31 | 23-11-2012 - 20:55 | |
| CVE-2011-3517 | 7.8 |
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows remote attackers to affect availability via unknown vectors related to Authentication.
|
29-08-2017 - 01:30 | 18-10-2011 - 22:55 | |
| CVE-2012-0079 | 4.3 |
Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Administration.
|
29-08-2017 - 01:30 | 18-01-2012 - 22:55 | |
| CVE-2012-0213 | 5.0 |
The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value
|
11-02-2017 - 02:59 | 07-08-2012 - 21:55 | |
| CVE-2011-3506 | 4.3 |
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication.
|
27-11-2012 - 04:34 | 18-10-2011 - 22:55 |