Max CVSS | 5.8 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2011-4858 | 5.0 |
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU con
|
09-01-2018 - 02:29 | 05-01-2012 - 19:55 | |
CVE-2011-4573 | 3.5 |
Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group connection properties history, which prevents such
|
01-04-2014 - 14:38 | 01-04-2014 - 06:35 | |
CVE-2011-3206 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in RHQ 4.2.0, as used in JBoss Operations Network (aka JON or JBoss ON) before 3.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vect
|
21-02-2014 - 04:44 | 08-01-2012 - 00:55 | |
CVE-2012-0062 | 5.8 |
Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 allows remote attackers to hijack agent sessions via an agent registration request without a security token.
|
14-02-2014 - 18:46 | 14-02-2014 - 15:55 | |
CVE-2012-0052 | 5.8 |
Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name.
|
14-02-2014 - 18:44 | 14-02-2014 - 15:55 |