Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Glassfish_server
(Oracle)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 40 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-07-17 | CVE-2017-1000029 | Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication. | Glassfish_server | 7.5 | ||
| 2017-01-27 | CVE-2016-5528 | Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GlassFish Server. While the vulnerability is in Oracle GlassFish Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover... | Glassfish_server | 9.0 | ||
| 2016-10-25 | CVE-2016-5519 | Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Java Server Faces. | Glassfish_server | 8.8 | ||
| 2016-07-21 | CVE-2016-5477 | Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1 and 3.0.1 allows remote attackers to affect confidentiality via vectors related to Administration. | Glassfish_server | 5.8 | ||
| 2016-07-21 | CVE-2016-3608 | Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 allows remote attackers to affect confidentiality via vectors related to Administration. | Glassfish_server | 5.8 | ||
| 2016-07-21 | CVE-2016-3607 | Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Web Container. | Glassfish_server | 9.8 | ||
| 2015-06-22 | CVE-2015-3237 | The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values. | Curl, Libcurl, System_management_homepage, Enterprise_manager_ops_center, Glassfish_server | N/A | ||
| 2013-04-17 | CVE-2013-1508 | Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Middleware Products 3.0.1 and 3.1.2 allows remote attackers to affect integrity via vectors related to REST Interface. | Glassfish_server | N/A | ||
| 2012-10-16 | CVE-2012-3155 | Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB. | Glassfish_server, Java_system_application_server | N/A | ||
| 2012-05-03 | CVE-2012-0550 | Unspecified vulnerability in the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Container. | Glassfish_server | N/A |