Known Vulnerabilities for products from Jboss
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Jboss".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2018-1041 json | A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty ... | 7.5 - HIGH | 2018-02-15 | 2019-10-09 |
| CVE-2016-2094 json | The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by opening a socket and not... | 7.5 - HIGH | 2016-05-06 | 2016-05-10 |
| CVE-2014-0170 json | Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualization 6.0.0 before patch 3 allows remote attackers to read ... | 4.3 - MEDIUM | 2014-09-30 | 2017-08-29 |
| CVE-2012-3428 json | The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjuncti... | 4.3 - MEDIUM | 2012-12-20 | 2013-01-08 |
| CVE-2008-3273 json | JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote att... | Not Provided | 2008-08-10 | 2026-04-23 |
| CVE-2007-6433 json | The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote atta... | Not Provided | 2007-12-18 | 2026-04-23 |
| CVE-2007-1354 json | The Access Control functionality (JMXOpsAccessControlFilter) in JMX Console in JBoss Application Server 4.0.2 and 4.0.5 befor... | Not Provided | 2007-07-27 | 2026-04-23 |
| CVE-2007-1157 json | Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote attackers to perform privil... | Not Provided | 2007-03-02 | 2026-04-23 |
| CVE-2007-1036 json | The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allow... | Not Provided | 2007-02-21 | 2026-04-23 |
| CVE-2006-5750 json | Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 through 4... | Not Provided | 2006-11-27 | 2026-04-23 |
| CVE-2005-4709 json | The popSubjectContext method in the SecurityAssociation class in JBoss Enterprise Java Beans (EJB) 3.0 RC3 maintains the thre... | Not Provided | 2005-12-31 | 2025-04-03 |
| CVE-2005-2158 json | A regression error in the embedded HSQLDB in JBoss jBPM 2.0 allows remote attackers to execute arbitrary comands, a re-introd... | Not Provided | 2005-07-06 | 2025-04-03 |
| CVE-2005-2006 json | JBOSS 3.2.2 through 3.2.7 and 4.0.2 allows remote attackers to obtain sensitive information via a GET request (1) with a "%."... | Not Provided | 2005-06-17 | 2025-04-03 |
| CVE-2003-0845 json | Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default c... | Not Provided | 2003-11-17 | 2025-04-03 |
Known software with vulnerabilities from Jboss
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Jboss | Jboss | 3.0.8 |