Redhat Jboss_middleware_text-only_advisories
9 CVEs affecting Redhat Jboss_middleware_text-only_advisories. Latest disclosed: 2024-04-17. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-4437 | Critical | 9.8 | 2016-06-07 | Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attackers to execute arbitrary code or bypass… |
CVE-2024-1132 | High | 8.1 | 2024-04-17 | A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious requ… |
CVE-2023-4853 | High | 8.1 | 2023-09-20 | A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in inco… |
CVE-2022-1415 | High | 8.1 | 2023-09-11 | A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to… |
CVE-2019-14439 | High | 7.5 | 2019-07-30 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for… |
CVE-2016-4970 | High | 7.5 | 2017-04-13 | handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite l… |
CVE-2019-14900 | Medium | 6.5 | 2020-07-06 | A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit u… |
CVE-2011-2487 | Medium | 5.9 | 2020-03-11 | The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack. |
CVE-2018-1288 | Medium | 5.4 | 2018-07-26 | In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker… |