CVSS: 10.0EPSS: 4%CPEs: 2EXPL: 0CVE-2016-3607 – Oracle Glassfish PartItem Arbitrary File Upload Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3607
21 Jul 2016 — Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Web Container. Vulnerabilidad no especificada en el componente Oracle GlassFish Server en Oracle Fusion Middleware 3.0.1 y 3.1.2 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Web Container. This vulnerability allows ... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 9.1EPSS: 3%CPEs: 14EXPL: 0CVE-2015-3237 – Gentoo Linux Security Advisory 201509-02
https://notcve.org/view.php?id=CVE-2015-3237
22 Jun 2015 — The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values. La función smb_request_state en cURL y libcurl 7.40.0 hasta 7.42.1 permite a servidores SMB remotos obtener información sensible de la memoria o causar una denegación de servicio (lectura fuera de rango y caída) a través de valores de longitud y desplazamiento manipulado... • http://curl.haxx.se/docs/adv_20150617B.html • CWE-20: Improper Input Validation •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2013-1508
https://notcve.org/view.php?id=CVE-2013-1508
17 Apr 2013 — Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Middleware Products 3.0.1 and 3.1.2 allows remote attackers to affect integrity via vectors related to REST Interface. Vulnerabilidad no especificada en el componente Oracle GlassFish Server em Oracle Sun Middleware Products 3.0.1 y 3.1.2, permite a atacantes remotos comprometer la integridad a través de vectores relacionados con REST Interface. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2012-3155
https://notcve.org/view.php?id=CVE-2012-3155
16 Oct 2012 — Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB. Vulnerabilidad no especificada en el componente CORBA ORB de Sun GlassFish Enterprise Server v2.1.1, Sun GlassFish Enterprise Server v3.0.1 y v3.1.2 y Sun Java Application Server System v8.1 y v8.2 permite a atacantes remotos afectar a la disponibilidad, ... • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2011-4358
https://notcve.org/view.php?id=CVE-2011-4358
17 Jul 2012 — Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect confidentiality and integrity, related to JSF. Vulnerabilidad sin especificar en Oracle GlassFish Enterprise Server v3.0.1 y v3.1.1 que permite a atacantes remotos afectar a la confidencialidad y la integridad, en relación con JSF. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •
CVSS: 9.8EPSS: 15%CPEs: 1EXPL: 1CVE-2012-0550 – Oracle GlassFish Server - REST Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2012-0550
03 May 2012 — Unspecified vulnerability in the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Container. Vulnerabilidad sin especificar en el componente GlassFish Enterprise Server de Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1. Permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores descono... • https://www.exploit-db.com/exploits/18766 •
CVSS: 9.1EPSS: 59%CPEs: 72EXPL: 1CVE-2012-0551 – Oracle GlassFish Server 3.1.1 (build 12) - Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-0551
03 May 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Container or Deployment. Vulnerabilidad no especificada en el componente GlassFish Enterprise Server en Oracle Sun Products Suite GlassFish Enterprise Server v3.1.1 perm... • https://www.exploit-db.com/exploits/18764 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-0081
https://notcve.org/view.php?id=CVE-2012-0081
18 Jan 2012 — Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.1.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Administration. Vulnerabilidad no especificada en Oracle GlassFish Enterprise Server v3.1.1 permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad de la información a través de vectores desconocidos relacionados con la Administración. • http://osvdb.org/78415 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2012-0104
https://notcve.org/view.php?id=CVE-2012-0104
18 Jan 2012 — Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect availability via unknown vectors related to Web Container. Vulnerabilidad no especificada en Oracle GlassFish Enterprise Server v3.0.1 y v3.1.1 permite a atacantes remotos afectar a la disponibilidad a través de vectores desconocidos relacionados con el contenedor web. • http://osvdb.org/78417 •
CVSS: 7.5EPSS: 52%CPEs: 3EXPL: 2CVE-2011-5035 – MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection
https://notcve.org/view.php?id=CVE-2011-5035
30 Dec 2011 — Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. Oracle Glassfish 2.1.1, 3.0.1 y 3.1.1, tal como se utiliza en Communications Server 2.0, Sun... • https://packetstorm.news/files/id/180523 • CWE-20: Improper Input Validation •