Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Keycloak KeycloakKeycloak-services: blind server-side request forgery (ssrf) via http redirect handling in keycloak

Risk 21
Severity
5.8
EPSS
0.03%
First published (updated )
CVE-2026-4366

redhat JBoss Enterprise Application PlatformInfinispan: credential leakage in infinispan cli

Risk 26
Severity
6.2
EPSS
0.01%
First published (updated )
CVE-2025-5731

maven/org.wildfly.core:wildfly-serverOrg.wildfly.core:wildfly-server: wildfly improper rbac permission

Risk 27
Severity
6.5
EPSS
0.04%
First published (updated )
CVE-2025-23367

redhat JBoss Enterprise Application PlatformJberet: jberet-core logging database credentials

Risk 40
Severity
6.5
First published (updated )
CVE-2024-1102

Fortinet FortiSIEMOpenSSH Terrapin attack (CVE-2023-48795)

Risk 37
Severity
6
First published (updated )
CVE-2023-48795
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat JBoss Enterprise Application PlatformWildfly-core: management user rbac permission allows unexpected reading of system-properties to an unauthorized actor

Risk 40
Severity
6.5
First published (updated )
CVE-2023-4061

maven/org.infinispan:infinispan-server-restInfinispan: non-admins should not be able to get cache config via rest api

Risk 40
Severity
6.5
First published (updated )
CVE-2023-3629

maven/org.infinispan:infinispan-server-restInfispan: rest bulk ops don't check permissions

Risk 40
Severity
6.5
First published (updated )
CVE-2023-3628

redhat/eap7-wildfly-elytronA flaw was found in Wildfly Elytron where ScramServer may be susceptible to Timing Attack if enabled…

Risk 33
Severity
5.3
First published (updated )
CVE-2021-3642

redhat/eap7-wildflyXSS

Risk 30
Severity
4.8
First published (updated )
CVE-2021-3536
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat XnioA flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, han…

Risk 36
Severity
5.9
First published (updated )
CVE-2020-14340

redhat/eap7-activemq-artemisA flaw was found in the JBoss EAP, where the authentication configuration is set up using a legacy S…

Risk 39
Severity
6.5
First published (updated )
CVE-2020-14299

redhat/eap7-apache-cxfA vulnerability was found in Undertow, where parsing invalid http request may cause http request smu…

Risk 40
Severity
6.5
First published (updated )
CVE-2020-10719

redhat JBoss Enterprise Application PlatformHibernate-validator: rendering of invalid html with safehtml leads to html injection and xss

Risk 40
Severity
6.1
First published (updated )
CVE-2023-1932

redhat/eap7-elytron-webInput Validation

Risk 28
Severity
5.3
First published (updated )
CVE-2020-10693
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat/eap7-activemq-artemisInput Validation

Risk 31
Severity
4.9
First published (updated )
CVE-2020-1732

redhat/eap7-hal-consoleXSS

Risk 36
Severity
4.8
First published (updated )
CVE-2020-10687

redhat WildFly CoreIt was found that Wildfly users had default user permissions set incorrectly. A malicious user could…

Risk 37
Severity
5.2
First published (updated )
CVE-2019-14838

redhat/eap7-activemq-artemisInput Validation

Risk 36
Severity
5.9
First published (updated )
CVE-2019-12400

redhat/jbcs-httpd24-httpdSome HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service

Risk 45
Severity
6.5
First published (updated )
CVE-2019-9516
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Oracle Retail Price ManagementXSS

Risk 42
Severity
6.5
First published (updated )
CVE-2019-10219

redhat JBoss Enterprise Application PlatformSQL Injection

Risk 40
Severity
6.5
First published (updated )
CVE-2019-14900

redhat JBoss Enterprise Application PlatformJBoss EAP has a vulnerability that allows local users who are able to execute init.d script to termi…

Risk 32
Severity
5.5
First published (updated )
CVE-2019-3805

redhat/eap7-activemq-artemisInfoleak

Risk 33
Severity
5.3
First published (updated )
CVE-2018-14642

redhat JBoss Enterprise Application PlatformXSS

Risk 34
Severity
5.4
First published (updated )
CVE-2018-10934
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat WildFly CorePath Traversal

Risk 32
Severity
5.5
First published (updated )
CVE-2018-10862

Oracle FLEXCUBE Investor ServicingUnbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers …

Risk 37
Severity
5.9
First published (updated )
CVE-2018-10237

redhat undertowCRLF Injection

Risk 38
Severity
6.1
First published (updated )
CVE-2018-1067

Apache TomcatLast updated 18 August 2025

Risk 37
Severity
5.9
First published (updated )
CVE-2018-1304

redhat Jboss Wildfly Application ServerInput Validation, Path Traversal

Risk 32
Severity
5.5
First published (updated )
CVE-2018-1047
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203