High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
JavaMelody XML External Entity (XXE) vulnerability	CVE-2018-15531 CWE-611	CWE-611	High
Java Unspesificed Vulnerability (CVE-2018-2941)	CVE-2018-2941		High
Java Unspesificed Vulnerability (CVE-2018-2964)	CVE-2018-2964		High
Java Unspesificed Vulnerability (CVE-2018-3149)	CVE-2018-3149		High
Java Unspesificed Vulnerability (CVE-2018-3169)	CVE-2018-3169		High
Java Unspesificed Vulnerability (CVE-2019-2602)	CVE-2019-2602		High
JBoss Application Server Directory Traversal Vulnerability (CVE-2006-5750)	CVE-2006-5750		High
JBoss Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1094)	CVE-2012-1094 CWE-200	CWE-200	High
Jboss Application Server HTTPServerILServlet.java remote code execution	CVE-2017-7504 CWE-502	CWE-502	High
JBoss Application Server Improper Privilege Management Vulnerability (CVE-2012-2312)	CVE-2012-2312 CWE-269	CWE-269	High
JBoss BSHDeployer MBean	CWE-200	CWE-200	High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511)	CVE-2019-9511 CWE-770	CWE-770	High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9514)	CVE-2019-9514 CWE-770	CWE-770	High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9515)	CVE-2019-9515 CWE-770	CWE-770	High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)	CVE-2019-9517 CWE-770	CWE-770	High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9518)	CVE-2019-9518 CWE-770	CWE-770	High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-10705)	CVE-2020-10705 CWE-770	CWE-770	High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-3171)	CVE-2023-3171 CWE-770	CWE-770	High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-5379)	CVE-2023-5379 CWE-770	CWE-770	High
Jboss EAP CVE-2012-5626 Vulnerability (CVE-2012-5626)	CVE-2012-5626		High
Jboss EAP CVE-2016-6796 Vulnerability (CVE-2016-6796)	CVE-2016-6796		High
Jboss EAP CVE-2017-12189 Vulnerability (CVE-2017-12189)	CVE-2017-12189		High
Jboss EAP CVE-2022-1259 Vulnerability (CVE-2022-1259)	CVE-2022-1259		High
Jboss EAP CVE-2023-3223 Vulnerability (CVE-2023-3223)	CVE-2023-3223		High
Jboss EAP CVE-2024-7885 Vulnerability (CVE-2024-7885)	CVE-2024-7885		High
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-4978)	CVE-2016-4978 CWE-502	CWE-502	High
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-7065)	CVE-2016-7065 CWE-502	CWE-502	High
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2018-12022)	CVE-2018-12022 CWE-502	CWE-502	High
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2018-12023)	CVE-2018-12023 CWE-502	CWE-502	High
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-10086)	CVE-2019-10086 CWE-502	CWE-502	High
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2021-4104)	CVE-2021-4104 CWE-502	CWE-502	High
Jboss EAP Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859)	CVE-2021-3859 CWE-668	CWE-668	High
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3530)	CVE-2014-3530 CWE-200	CWE-200	High
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2183)	CVE-2016-2183 CWE-200	CWE-200	High
Jboss EAP Files or Directories Accessible to External Parties Vulnerability (CVE-2021-3717)	CVE-2021-3717 CWE-552	CWE-552	High
Jboss EAP Improper Handling of Exceptional Conditions Vulnerability (CVE-2018-8039)	CVE-2018-8039 CWE-755	CWE-755	High
Jboss EAP Improper Initialization Vulnerability (CVE-2023-4503)	CVE-2023-4503 CWE-665	CWE-665	High
Jboss EAP Improper Input Validation Vulnerability (CVE-2010-3708)	CVE-2010-3708 CWE-20	CWE-20	High
Jboss EAP Improper Input Validation Vulnerability (CVE-2013-2185)	CVE-2013-2185 CWE-20	CWE-20	High
Jboss EAP Improper Input Validation Vulnerability (CVE-2016-3110)	CVE-2016-3110 CWE-20	CWE-20	High
Jboss EAP Improper Input Validation Vulnerability (CVE-2020-1757)	CVE-2020-1757 CWE-20	CWE-20	High
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1048)	CVE-2018-1048 CWE-22	CWE-22	High
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-10234)	CVE-2024-10234 CWE-707	CWE-707	High
Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32027)	CVE-2021-32027 CWE-119	CWE-119	High
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-10172)	CVE-2019-10172 CWE-611	CWE-611	High
Jboss EAP Inadequate Encryption Strength Vulnerability (CVE-2014-0224)	CVE-2014-0224 CWE-326	CWE-326	High
Jboss EAP Incomplete List of Disallowed Inputs Vulnerability (CVE-2018-5968)	CVE-2018-5968 CWE-184	CWE-184	High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7561)	CVE-2017-7561 CWE-444	CWE-444	High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165)	CVE-2017-12165 CWE-444	CWE-444	High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-16869)	CVE-2019-16869 CWE-444	CWE-444	High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-7238)	CVE-2020-7238 CWE-444	CWE-444	High
Jboss EAP Incorrect Authorization Vulnerability (CVE-2019-14843)	CVE-2019-14843 CWE-863	CWE-863	High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670)	CVE-2017-2670 CWE-835	CWE-835	High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1041)	CVE-2018-1041 CWE-835	CWE-835	High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336)	CVE-2018-1336 CWE-835	CWE-835	High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-0205)	CVE-2019-0205 CWE-835	CWE-835	High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108)	CVE-2023-1108 CWE-835	CWE-835	High
Jboss EAP Missing Authorization Vulnerability (CVE-2019-10184)	CVE-2019-10184 CWE-862	CWE-862	High
Jboss EAP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-0853)	CVE-2022-0853 CWE-401	CWE-401	High
Jboss EAP Observable Discrepancy Vulnerability (CVE-2022-3143)	CVE-2022-3143 CWE-203	CWE-203	High
Jboss EAP Other Vulnerability (CVE-2014-3490)	CVE-2014-3490		High
Jboss EAP Other Vulnerability (CVE-2019-9513)	CVE-2019-9513		High
Jboss EAP Out-of-bounds Read Vulnerability (CVE-2019-0210)	CVE-2019-0210 CWE-125	CWE-125	High
Jboss EAP Permission Issues Vulnerability (CVE-2016-7066)	CVE-2016-7066		High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4605)	CVE-2011-4605 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4608)	CVE-2011-4608 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5629)	CVE-2012-5629 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2165)	CVE-2013-2165 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5406)	CVE-2016-5406 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8656)	CVE-2016-8656 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8657)	CVE-2016-8657 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2019-3894)	CVE-2019-3894 CWE-264	CWE-264	High
Jboss EAP Reachable Assertion Vulnerability (CVE-2020-25710)	CVE-2020-25710 CWE-617	CWE-617	High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)	CVE-2016-8610 CWE-400	CWE-400	High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2017-12174)	CVE-2017-12174 CWE-400	CWE-400	High

JavaMelody XML External Entity (XXE) vulnerability

CVE-2018-15531

CWE-611

High

Java Unspesificed Vulnerability (CVE-2018-2941)

CVE-2018-2941

High

Java Unspesificed Vulnerability (CVE-2018-2964)

CVE-2018-2964

High

Java Unspesificed Vulnerability (CVE-2018-3149)

CVE-2018-3149

High

Java Unspesificed Vulnerability (CVE-2018-3169)

CVE-2018-3169

High

Java Unspesificed Vulnerability (CVE-2019-2602)

CVE-2019-2602

High

JBoss Application Server Directory Traversal Vulnerability (CVE-2006-5750)

CVE-2006-5750

High

JBoss Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1094)

CVE-2012-1094

CWE-200

High

Jboss Application Server HTTPServerILServlet.java remote code execution

CVE-2017-7504

CWE-502

High

JBoss Application Server Improper Privilege Management Vulnerability (CVE-2012-2312)

CVE-2012-2312

CWE-269

High

JBoss BSHDeployer MBean

CWE-200

High

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511)

CVE-2019-9511

CWE-770

High

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9514)

CVE-2019-9514

CWE-770

High

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9515)

CVE-2019-9515

CWE-770

High

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)

CVE-2019-9517

CWE-770

High

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9518)

CVE-2019-9518

CWE-770

High

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-10705)

CVE-2020-10705

CWE-770

High

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-3171)

CVE-2023-3171

CWE-770

High

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-5379)

CVE-2023-5379

CWE-770

High

Jboss EAP CVE-2012-5626 Vulnerability (CVE-2012-5626)

CVE-2012-5626

High

Jboss EAP CVE-2016-6796 Vulnerability (CVE-2016-6796)

CVE-2016-6796

High

Jboss EAP CVE-2017-12189 Vulnerability (CVE-2017-12189)

CVE-2017-12189

High

Jboss EAP CVE-2022-1259 Vulnerability (CVE-2022-1259)

CVE-2022-1259

High

Jboss EAP CVE-2023-3223 Vulnerability (CVE-2023-3223)

CVE-2023-3223

High

Jboss EAP CVE-2024-7885 Vulnerability (CVE-2024-7885)

CVE-2024-7885

High

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-4978)

CVE-2016-4978

CWE-502

High

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-7065)

CVE-2016-7065

CWE-502

High

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2018-12022)

CVE-2018-12022

CWE-502

High

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2018-12023)

CVE-2018-12023

CWE-502

High

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-10086)

CVE-2019-10086

CWE-502

High

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2021-4104)

CVE-2021-4104

CWE-502

High

Jboss EAP Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859)

CVE-2021-3859

CWE-668

High

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3530)

CVE-2014-3530

CWE-200

High

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2183)

CVE-2016-2183

CWE-200

High

Jboss EAP Files or Directories Accessible to External Parties Vulnerability (CVE-2021-3717)

CVE-2021-3717

CWE-552

High

Jboss EAP Improper Handling of Exceptional Conditions Vulnerability (CVE-2018-8039)

CVE-2018-8039

CWE-755

High

Jboss EAP Improper Initialization Vulnerability (CVE-2023-4503)

CVE-2023-4503

CWE-665

High

Jboss EAP Improper Input Validation Vulnerability (CVE-2010-3708)

CVE-2010-3708

CWE-20

High

Jboss EAP Improper Input Validation Vulnerability (CVE-2013-2185)

CVE-2013-2185

CWE-20

High

Jboss EAP Improper Input Validation Vulnerability (CVE-2016-3110)

CVE-2016-3110

CWE-20

High

Jboss EAP Improper Input Validation Vulnerability (CVE-2020-1757)

CVE-2020-1757

CWE-20

High

Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1048)

CVE-2018-1048

CWE-22

High

Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-10234)

CVE-2024-10234

CWE-707

High

Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32027)

CVE-2021-32027

CWE-119

High

Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-10172)

CVE-2019-10172

CWE-611

High

Jboss EAP Inadequate Encryption Strength Vulnerability (CVE-2014-0224)

CVE-2014-0224

CWE-326

High

Jboss EAP Incomplete List of Disallowed Inputs Vulnerability (CVE-2018-5968)

CVE-2018-5968

CWE-184

High

Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7561)

CVE-2017-7561

CWE-444

High

Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165)

CVE-2017-12165

CWE-444

High

Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-16869)

CVE-2019-16869

CWE-444

High

Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-7238)

CVE-2020-7238

CWE-444

High

Jboss EAP Incorrect Authorization Vulnerability (CVE-2019-14843)

CVE-2019-14843

CWE-863

High

Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670)

CVE-2017-2670

CWE-835

High

Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1041)

CVE-2018-1041

CWE-835

High

Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336)

CVE-2018-1336

CWE-835

High

Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-0205)

CVE-2019-0205

CWE-835

High

Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108)

CVE-2023-1108

CWE-835

High

Jboss EAP Missing Authorization Vulnerability (CVE-2019-10184)

CVE-2019-10184

CWE-862

High

Jboss EAP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-0853)

CVE-2022-0853

CWE-401

High

Jboss EAP Observable Discrepancy Vulnerability (CVE-2022-3143)

CVE-2022-3143

CWE-203

High

Jboss EAP Other Vulnerability (CVE-2014-3490)

CVE-2014-3490

High

Jboss EAP Other Vulnerability (CVE-2019-9513)

CVE-2019-9513

High

Jboss EAP Out-of-bounds Read Vulnerability (CVE-2019-0210)

CVE-2019-0210

CWE-125

High

Jboss EAP Permission Issues Vulnerability (CVE-2016-7066)

CVE-2016-7066

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4605)

CVE-2011-4605

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4608)

CVE-2011-4608

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5629)

CVE-2012-5629

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2165)

CVE-2013-2165

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5406)

CVE-2016-5406

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8656)

CVE-2016-8656

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8657)

CVE-2016-8657

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2019-3894)

CVE-2019-3894

CWE-264

High

Jboss EAP Reachable Assertion Vulnerability (CVE-2020-25710)

CVE-2020-25710

CWE-617

High

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)

CVE-2016-8610

CWE-400

High

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2017-12174)

CVE-2017-12174

CWE-400

High

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities