Where
-Infinity
0

Trending

Last week
Last month
Last year

maven/io.undertow:undertow-coreUndertow: improper state management in proxy protocol parsing causes information leakage

Risk 32
Severity
7.5
EPSS
0.10%
First published (updated )
CVE-2024-7885

Apache Tomcat- Rapid Reset HTTP/2 vulnerability

Risk 65
Severity
7.5
Exploited
Zeroday
First published (updated )
CVE-2023-44487

redhat/eap7-undertowA flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious r…

Risk 45
Severity
7.5
First published (updated )
CVE-2022-2053

redhat/log4jDeserialization of untrusted data in JMSAppender in Apache Log4j 1.2

Risk 79
Severity
8.1
First published (updated )
CVE-2021-4104

redhat/eap7-wildfly-elytronA flaw was found in Wildfly Elytron where ScramServer may be susceptible to Timing Attack if enabled…

Risk 33
Severity
5.3
First published (updated )
CVE-2021-3642
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat Kubernetes-clientPath Traversal

Risk 58
Severity
7.4
First published (updated )
CVE-2021-20218

redhat XnioA flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, han…

Risk 36
Severity
5.9
First published (updated )
CVE-2020-14340

redhat/eap7-wildflyA vulnerability was found in Wildfly's EJB Client, where accumulation of some specific EJB transacti…

Risk 40
Severity
6.5
First published (updated )
CVE-2020-14297

redhat/eap7-wildflyA vulnerability was found in Wildfly's EJB where SessionOpenInvocations may not be removed properly …

Risk 39
Severity
6.5
First published (updated )
CVE-2020-14307

redhat/keycloakCSRF

Risk 18
Severity
3.3
First published (updated )
CVE-2020-10734
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat/eap7-elytron-webThe embedded managed process API has two methods exposed as public methods which can bypass the secu…

Risk 44
Severity
7.5
First published (updated )
CVE-2020-10718

redhat/eap7-elytron-webA flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM…

Risk 70
Severity
7.5
First published (updated )
CVE-2020-10714

maven/org.keycloak:keycloak-parentA flaw was found in Keycloak 7.0.1. A logged in user can do an account email enumeration attack.

Risk 22
Severity
4
First published (updated )
CVE-2020-1717

redhat/eap7-apache-cxfA vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the…

Risk 45
Severity
7.5
First published (updated )
CVE-2019-14888

redhat/eap7-activemq-artemisIt was found that the OpenSSL security provider does not honor TLS version in 'enabled-protocols' va…

Risk 68
Severity
9.1
First published (updated )
CVE-2019-14887
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

maven/com.fasterxml.jackson.core:jackson-databindInfoleak

Risk 88
Severity
9.8
First published (updated )
CVE-2019-14892

redhat JBoss Enterprise Application PlatformUndertow DEBUG log for io.undertow.request.security if enabled leaks credentials to log files with l…

Risk 88
Severity
9.8
First published (updated )
CVE-2019-10212

redhat/eap7-apache-cxfInput Validation, Infoleak

Risk 62
Severity
8.1
First published (updated )
CVE-2020-1757

redhat/undertowWhen using a "Digest" authentication, server does not ensure that value of the "uri" attribute in "A…

Risk 36
Severity
5.9
First published (updated )
CVE-2017-12196

redhat JBoss Enterprise Application PlatformIt was found that the Apache commons-collections library permitted code execution when deserializing…

Risk 90
Severity
9.8
First published (updated )
CVE-2015-7501
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat/async-http-clientmain/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-htt…

Risk 23
Severity
4.3
First published (updated )
CVE-2013-7398

redhat/async-http-clientIt was found that async-http-client would disable SSL/TLS certificate verification under certain con…

Risk 23
Severity
4.3
First published (updated )
CVE-2013-7397

redhat JBoss A-MQJBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This perm…

Risk 13
Severity
2.1
First published (updated )
CVE-2014-0085

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203