Oracle Glassfish_server
32 CVEs affecting Oracle Glassfish_server. Latest disclosed: 2017-10-19. Critical: 4, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-1000030 | Critical | 9.8 | 2017-07-17 | Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to prov… |
CVE-2016-3607 | Critical | 9.8 | 2016-07-21 | Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentialit… |
CVE-2015-7182 | Critical | 9.8 | 2015-11-05 | Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before… |
CVE-2016-5528 | Critical | 9.0 | 2017-01-27 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3… |
CVE-2016-5519 | High | 8.8 | 2016-10-25 | Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote authenticated users to aff… |
CVE-2016-1950 | High | 8.8 | 2016-03-13 | Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45… |
CVE-2017-1000029 | High | 7.5 | 2017-07-17 | Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary… |
CVE-2017-1000028 | High | 7.5 | 2017-07-17 | Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploit… |
CVE-2017-10391 | High | 7.3 | 2017-10-19 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0… |
CVE-2017-3250 | High | 7.3 | 2017-01-27 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3… |
CVE-2017-3249 | High | 7.3 | 2017-01-27 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3… |
CVE-2017-10393 | Medium | 6.3 | 2017-10-19 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 3.0… |
CVE-2017-10385 | Medium | 6.3 | 2017-10-19 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 3.0… |
CVE-2016-5477 | Medium | 5.8 | 2016-07-21 | Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1 and 3.0.1 allows remote attackers to affect confidentialit… |
CVE-2016-3608 | Medium | 5.8 | 2016-07-21 | Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 allows remote attackers to affect confidentiality via vect… |
CVE-2017-10400 | Medium | 5.4 | 2017-10-19 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration Graphical User Interface). The supported versi… |
CVE-2017-3247 | Medium | 4.3 | 2017-01-27 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 2.1.1, 3.0.1… |
CVE-2017-3239 | Low | 3.3 | 2017-01-27 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0… |
CVE-2017-3626 | Low | 3.1 | 2017-04-24 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is… |
CVE-2015-3237 | | 2015-06-22 | The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denia… |