Vulnerabilities > Oracle > Glassfish Server
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-25 | CVE-2021-3314 | Cross-site Scripting vulnerability in Oracle Glassfish Server Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS. | 6.1 |
2018-10-17 | CVE-2018-3210 | Unspecified vulnerability in Oracle Glassfish Server 3.1.2 Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). | 5.3 |
2018-10-17 | CVE-2018-3152 | Unspecified vulnerability in Oracle Glassfish Server 3.1.2 Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). | 7.5 |
2018-10-17 | CVE-2018-2911 | Unspecified vulnerability in Oracle Glassfish Server 3.1.2 Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). | 8.3 |
2018-07-16 | CVE-2018-14324 | Use of Hard-coded Credentials vulnerability in Oracle Glassfish Server 5.0 The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. | 9.8 |
2017-10-19 | CVE-2017-10400 | Unspecified vulnerability in Oracle Glassfish Server 3.1.2 Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration Graphical User Interface). | 5.4 |
2017-10-19 | CVE-2017-10393 | Unspecified vulnerability in Oracle Glassfish Server 3.0.1/3.1.2 Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container). | 6.3 |
2017-10-19 | CVE-2017-10391 | Unspecified vulnerability in Oracle Glassfish Server 3.0.1/3.1.2 Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). | 7.3 |
2017-10-19 | CVE-2017-10385 | Unspecified vulnerability in Oracle Glassfish Server 3.0.1/3.1.2 Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container). | 6.3 |
2017-07-17 | CVE-2017-1000030 | Improper Authentication vulnerability in Oracle Glassfish Server 3.0.1 Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface. | 9.8 |