Vulnerabilities > Oracle > Glassfish Server

DATE CVE VULNERABILITY TITLE RISK
2017-07-17 CVE-2017-1000029 Information Exposure vulnerability in Oracle Glassfish Server 3.0.1
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.
network
low complexity
oracle CWE-200
7.5
2017-07-17 CVE-2017-1000028 Path Traversal vulnerability in Oracle Glassfish Server 4.1
Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
network
low complexity
oracle CWE-22
7.5
2017-04-24 CVE-2017-3626 Unspecified vulnerability in Oracle Glassfish Server 3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces).
network
high complexity
oracle
3.1
2017-01-27 CVE-2017-3250 Information Exposure vulnerability in Oracle Glassfish Server 2.1.1/3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security).
network
low complexity
oracle CWE-200
7.3
2017-01-27 CVE-2017-3249 Unspecified vulnerability in Oracle Glassfish Server 2.1.1/3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security).
network
low complexity
oracle
7.3
2017-01-27 CVE-2017-3247 Unspecified vulnerability in Oracle Glassfish Server 2.1.1/3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Core).
network
low complexity
oracle
4.3
2017-01-27 CVE-2017-3239 Information Exposure vulnerability in Oracle Glassfish Server 3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration).
local
low complexity
oracle CWE-200
3.3
2017-01-27 CVE-2016-5528 Unspecified vulnerability in Oracle Glassfish Server 2.1.1/3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security).
network
high complexity
oracle
critical
9.0
2016-10-25 CVE-2016-5519 Unspecified vulnerability in Oracle Glassfish Server 2.1.1/3.0.1/3.1.2
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Java Server Faces.
network
low complexity
oracle
8.8
2016-07-21 CVE-2016-5477 Unspecified vulnerability in Oracle Glassfish Server 2.1.1/3.0.1
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1 and 3.0.1 allows remote attackers to affect confidentiality via vectors related to Administration.
network
low complexity
oracle
5.8