ReportizFlow
Filtered by vendor
Subscriptions
Total
1332 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-7559 | 2 Apache, Redhat | 4 Activemq, Jboss A-mq, Jboss Amq and 1 more | 2024-11-21 | 2.7 Low |
| It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client. | ||||
| CVE-2015-5201 | 1 Redhat | 3 Enterprise Linux, Enterprise Virtualization, Enterprise Virtualization Hypervisor | 2024-11-21 | 7.5 High |
| VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors. | ||||
| CVE-2015-2888 | 1 Summerinfant | 2 Baby Zoom Wifi Monitor, Baby Zoom Wifi Monitor Firmware | 2024-11-21 | 9.8 Critical |
| Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service. | ||||
| CVE-2015-0812 | 3 Canonical, Mozilla, Opensuse | 3 Ubuntu Linux, Firefox, Opensuse | 2024-11-21 | N/A |
| Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain. | ||||
| CVE-2015-0297 | 1 Redhat | 1 Jboss Operations Network | 2024-11-21 | N/A |
| Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methods via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager. | ||||
| CVE-2015-0225 | 2 Apache, Redhat | 2 Cassandra, Jboss Operations Network | 2024-11-21 | N/A |
| The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. | ||||
| CVE-2014-7271 | 2 Fedoraproject, Sddm Project | 2 Fedora, Sddm | 2024-11-21 | N/A |
| Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm" without authentication. | ||||
| CVE-2014-4872 | 1 Bmc | 1 Track-it\! | 2024-11-21 | N/A |
| BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or (2) ConfigurationService. | ||||
| CVE-2014-3699 | 1 Redhat | 2 Edeploy, Jboss Enterprise Web Server | 2024-11-21 | 9.8 Critical |
| eDeploy has RCE via cPickle deserialization of untrusted data | ||||
| CVE-2014-3576 | 3 Apache, Oracle, Redhat | 5 Activemq, Business Intelligence Publisher, Fusion Middleware and 2 more | 2024-11-21 | N/A |
| The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command. | ||||
| CVE-2014-3518 | 1 Redhat | 4 Jboss Enterprise Application Platform, Jboss Enterprise Brms Platform, Jboss Enterprise Portal Platform and 1 more | 2024-11-21 | N/A |
| jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 specification, which allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2014-3449 | 1 Bss Continuity Cms Project | 1 Bss Continuty Cms | 2024-11-21 | 9.8 Critical |
| BSS Continuity CMS 4.2.22640.0 has an Authentication Bypass vulnerability | ||||
| CVE-2014-2590 | 1 Siemens | 3 Ruggedcom Rs950g, Ruggedcom Rsg2488, Ruggedcom Rugged Operating System | 2024-11-21 | N/A |
| The web management interface in Siemens RuggedCom ROS before 3.11, ROS 3.11 before 3.11.5 for RS950G, ROS 3.12, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (interface outage) via crafted HTTP packets. | ||||
| CVE-2014-0121 | 2 Hawt, Redhat | 2 Hawtio, Jboss Fuse | 2024-11-21 | N/A |
| The admin terminal in Hawt.io does not require authentication, which allows remote attackers to execute arbitrary commands via the k parameter. | ||||
| CVE-2013-6496 | 1 Redhat | 2 Conga, Rhel Cluster | 2024-11-21 | N/A |
| Red Hat Conga 0.12.2 allows remote attackers to obtain sensitive information via a crafted request to the (1) homebase, (2) cluster, (3) storage, (4) portal_skins/custom, or (5) logs Luci extension. | ||||
| CVE-2013-3060 | 2 Apache, Redhat | 3 Activemq, Fuse Message Broker, Fuse Mq Enterprise | 2024-11-21 | N/A |
| The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests. | ||||
| CVE-2013-1793 | 1 Redhat | 2 Openstack, Openstack Essex | 2024-11-21 | 7.5 High |
| openstack-utils openstack-db has insecure password creation | ||||
| CVE-2013-0314 | 1 Redhat | 1 Jboss Enterprise Portal Platform | 2024-11-21 | N/A |
| The GateIn Portal export/import gadget in JBoss Enterprise Portal Platform 5.2.2 does not properly check authentication when importing Zip files, which allows remote attackers to modify site contents, remove the site, or alter the access controls for portlets. | ||||
| CVE-2012-5485 | 2 Plone, Redhat | 2 Plone, Rhel Cluster | 2024-11-21 | N/A |
| registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface. | ||||
| CVE-2012-2736 | 4 Canonical, Debian, Gnome and 1 more | 4 Ubuntu Linux, Debian Linux, Networkmanager and 1 more | 2024-11-21 | 4.4 Medium |
| In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network. | ||||