ReportizFlow
Filtered by vendor Redhat
Subscriptions
Filtered by product Jboss Data Grid
Subscriptions
Total
244 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-2638 | 2 Infinispan, Redhat | 2 Infinispan, Jboss Data Grid | 2024-11-21 | N/A |
| It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. An attacker could use this vulnerability to read or modify data in the default cache or a known cache name. | ||||
| CVE-2017-15089 | 2 Infinispan, Redhat | 6 Infinispan, Jboss Data Grid, Jboss Enterprise Application Platform and 3 more | 2024-11-21 | N/A |
| It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks. | ||||
| CVE-2016-0750 | 2 Infinispan, Redhat | 3 Infinispan, Jboss Data Grid, Jboss Single Sign On | 2024-11-21 | N/A |
| The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code execution or conduct other attacks. | ||||
| CVE-2015-9251 | 3 Jquery, Oracle, Redhat | 51 Jquery, Agile Product Lifecycle Management For Process, Banking Platform and 48 more | 2024-11-21 | N/A |
| jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. | ||||