Where
-Infinity
0

Trending

Last week
Last month
Last year

redhat JBoss Enterprise Application PlatformUndertow: undertow: request smuggling via malformed http request headers

Risk 66
Severity
9.1
First published (updated )
CVE-2026-28369

redhat JBoss Enterprise Application PlatformUndertow: undertow: request smuggling via inconsistent header parsing

Risk 66
Severity
9.1
First published (updated )
CVE-2026-28368

redhat JBoss Enterprise Application PlatformUndertow: undertow: request smuggling via `\r\r\r` as a header block terminator

Risk 66
Severity
9.1
First published (updated )
CVE-2026-28367

redhat Enterprise LinuxUndertow: undertow: denial of service due to premature multipart/form-data parsing in get requests

Risk 43
Severity
7.5
First published (updated )
CVE-2026-3260

redhat JBoss Enterprise Application PlatformUndertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf

Risk 76
Severity
9.6
First published (updated )
CVE-2025-12543
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat JBoss Enterprise Application PlatformUndertow: undertow madeyoureset http/2 ddos vulnerability

Risk 31
Severity
7.5
EPSS
0.61%
First published (updated )
CVE-2025-9784

maven/io.undertow:undertow-coreUndertow: out-of-memory error after several closed connections with wildfly-http-client protocol

Risk 46
Severity
7.5
First published (updated )
CVE-2024-1635

redhat/eap7-undertowUndertow: infinite loop in sslconduit during close

Risk 46
Severity
7.5
First published (updated )
CVE-2023-1108

redhat Fabric8-kubernetesCode Injection

Risk 64
Severity
6.7
First published (updated )
CVE-2021-4178

redhat/eap7-apache-cxfA vulnerability was found in Undertow, where parsing invalid http request may cause http request smu…

Risk 40
Severity
6.5
First published (updated )
CVE-2020-10719
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Oracle Retail Price ManagementXSS

Risk 42
Severity
6.5
First published (updated )
CVE-2019-10219

Apache ZookeeperA flaw was found in Apache ZooKeeper. A lack of permission checks while retrieving ACLs allows unsal…

Risk 46
Severity
5.9
First published (updated )
CVE-2019-0201

redhat/eap7-glassfish-jsfA vulnerability was found in Infinispan before version 10.0.0 Final. The invokeAccessibly method fro…

Risk 81
Severity
8.8
First published (updated )
CVE-2019-10174

redhat JBoss Enterprise Application PlatformSQL Injection

Risk 40
Severity
6.5
First published (updated )
CVE-2019-14900

Oracle Application Testing SuiteSpring Framework version 5.0.5 when used in combination with any versions of Spring Security contain…

Risk 84
Severity
8.8
First published (updated )
CVE-2018-1258
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Oracle Retail Integration BusCode Injection, Input Validation

Risk 89
Severity
9.8
First published (updated )
CVE-2018-1270

redhat/springframework-securityInput Validation

Risk 46
Severity
7.5
First published (updated )
CVE-2018-1199

Apache TomcatApache Tomcat Remote Code Execution Vulnerability

Risk 92
Severity
8.1
Exploited
First published (updated )
CVE-2017-12617

Debian Debian LinuxInput Validation

Risk 45
Severity
7.5
First published (updated )
CVE-2017-7957

Oracle Policy AutomationIn Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive s…

Risk 87
Severity
9.8
First published (updated )
CVE-2017-5645
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache ShiroApache Shiro Code Execution Vulnerability

Risk 99
Severity
9.8
Exploited
First published (updated )
CVE-2016-4437

Elasticsearch ElasticsearchElasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability

Risk 99
Severity
9.8
Exploited
First published (updated )
CVE-2015-1427

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203