CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2017-3247
https://notcve.org/view.php?id=CVE-2017-3247
27 Jan 2017 — Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via SMTP to compromise Oracle GlassFish Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle GlassFi... • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-3249
https://notcve.org/view.php?id=CVE-2017-3249
27 Jan 2017 — Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via LDAP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle GlassFish Server accessible data as well as unauthorized read access to a subset of Ora... • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-3250
https://notcve.org/view.php?id=CVE-2017-3250
27 Jan 2017 — Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle GlassFish Server accessible data as well as unauthorized read access to a subset of Ora... • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2016-5528
https://notcve.org/view.php?id=CVE-2016-5528
27 Jan 2017 — Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GlassFish Server. While the vulnerability is in Oracle GlassFish Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle GlassF... • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2016-5519
https://notcve.org/view.php?id=CVE-2016-5519
25 Oct 2016 — Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Java Server Faces. Vulnerabilidad no especificada en el componente Oracle GlassFish Server en Oracle Fusion Middleware 2.1.1, 3.0.1 y 3.1.2 permite a usuarios remotos autenticados afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con ... • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 10.0EPSS: 4%CPEs: 2EXPL: 0CVE-2016-3607 – Oracle Glassfish PartItem Arbitrary File Upload Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3607
21 Jul 2016 — Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Web Container. Vulnerabilidad no especificada en el componente Oracle GlassFish Server en Oracle Fusion Middleware 3.0.1 y 3.1.2 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Web Container. This vulnerability allows ... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 9.1EPSS: 3%CPEs: 14EXPL: 0CVE-2015-3237 – Gentoo Linux Security Advisory 201509-02
https://notcve.org/view.php?id=CVE-2015-3237
22 Jun 2015 — The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values. La función smb_request_state en cURL y libcurl 7.40.0 hasta 7.42.1 permite a servidores SMB remotos obtener información sensible de la memoria o causar una denegación de servicio (lectura fuera de rango y caída) a través de valores de longitud y desplazamiento manipulado... • http://curl.haxx.se/docs/adv_20150617B.html • CWE-20: Improper Input Validation •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2013-1508
https://notcve.org/view.php?id=CVE-2013-1508
17 Apr 2013 — Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Middleware Products 3.0.1 and 3.1.2 allows remote attackers to affect integrity via vectors related to REST Interface. Vulnerabilidad no especificada en el componente Oracle GlassFish Server em Oracle Sun Middleware Products 3.0.1 y 3.1.2, permite a atacantes remotos comprometer la integridad a través de vectores relacionados con REST Interface. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2012-3155
https://notcve.org/view.php?id=CVE-2012-3155
16 Oct 2012 — Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB. Vulnerabilidad no especificada en el componente CORBA ORB de Sun GlassFish Enterprise Server v2.1.1, Sun GlassFish Enterprise Server v3.0.1 y v3.1.2 y Sun Java Application Server System v8.1 y v8.2 permite a atacantes remotos afectar a la disponibilidad, ... • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •