VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Redhat
>
Fuse
> 1.0.0
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-09-14
CVE-2023-1108
Infinite Loop vulnerability in multiple products
A flaw was found in undertow.
network
low complexity
redhat
netapp
CWE-835
7.5
7.5
2020-07-06
CVE-2019-14900
SQL Injection vulnerability in multiple products
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1.
network
low complexity
hibernate
redhat
quarkus
CWE-89
6.5
6.5
2019-11-08
CVE-2019-14860
Unspecified vulnerability in Redhat Fuse and Syndesis
It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins.
network
low complexity
redhat
6.5
6.5
2019-05-23
CVE-2019-0201
Missing Authorization vulnerability in multiple products
An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta.
network
high complexity
apache
debian
redhat
oracle
netapp
CWE-862
5.9
5.9
2018-04-06
CVE-2018-1270
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module.
network
low complexity
vmware
oracle
redhat
debian
critical
9.8
9.8
2015-02-17
CVE-2015-1427
The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
network
low complexity
elastic
redhat
critical
9.8
9.8