High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108)	CVE-2023-1108 CWE-835	CWE-835	High
Jboss EAP Missing Authorization Vulnerability (CVE-2019-10184)	CVE-2019-10184 CWE-862	CWE-862	High
Jboss EAP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-0853)	CVE-2022-0853 CWE-401	CWE-401	High
Jboss EAP Observable Discrepancy Vulnerability (CVE-2022-3143)	CVE-2022-3143 CWE-203	CWE-203	High
Jboss EAP Other Vulnerability (CVE-2014-3490)	CVE-2014-3490		High
Jboss EAP Other Vulnerability (CVE-2019-9513)	CVE-2019-9513		High
Jboss EAP Out-of-bounds Read Vulnerability (CVE-2019-0210)	CVE-2019-0210 CWE-125	CWE-125	High
Jboss EAP Permission Issues Vulnerability (CVE-2016-7066)	CVE-2016-7066		High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4605)	CVE-2011-4605 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4608)	CVE-2011-4608 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5629)	CVE-2012-5629 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2165)	CVE-2013-2165 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5406)	CVE-2016-5406 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8656)	CVE-2016-8656 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8657)	CVE-2016-8657 CWE-264	CWE-264	High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2019-3894)	CVE-2019-3894 CWE-264	CWE-264	High
Jboss EAP Reachable Assertion Vulnerability (CVE-2020-25710)	CVE-2020-25710 CWE-617	CWE-617	High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)	CVE-2016-8610 CWE-400	CWE-400	High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2017-12174)	CVE-2017-12174 CWE-400	CWE-400	High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888)	CVE-2019-14888 CWE-400	CWE-400	High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343)	CVE-2019-19343 CWE-400	CWE-400	High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14384)	CVE-2020-14384 CWE-400	CWE-400	High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25644)	CVE-2020-25644 CWE-400	CWE-400	High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2021-3629)	CVE-2021-3629 CWE-400	CWE-400	High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2021-3690)	CVE-2021-3690 CWE-400	CWE-400	High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)	CVE-2023-44487 CWE-400	CWE-400	High
Jboss EAP Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)	CVE-2017-12617 CWE-434	CWE-434	High
Jboss EAP Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-1000180)	CVE-2018-1000180 CWE-327	CWE-327	High
Jboss EAP Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2017-7536)	CVE-2017-7536 CWE-470	CWE-470	High
Jboss EAP Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2019-10174)	CVE-2019-10174 CWE-470	CWE-470	High
Jboss EAP XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2018-1000632)	CVE-2018-1000632 CWE-91	CWE-91	High
JBoss HttpAdaptor JMXInvokerServlet	CWE-94	CWE-94	High
JBoss InvokerTransformer Remote Code Execution	CVE-2015-7501 CWE-502	CWE-502	High
JBoss JMX Console Unrestricted Access	CWE-200	CWE-200	High
JBoss JMX management console	CWE-200	CWE-200	High
JBoss Seam framework remote code execution	CVE-2010-1871 CWE-94	CWE-94	High
JBoss Seam remoting vulnerabilities	CVE-2013-6447 CVE-2013-6448 CWE-611	CWE-611	High
JBoss ServerInfo MBean	CVE-2010-0738 CWE-200	CWE-200	High
JBoss Server MBean	CWE-200	CWE-200	High
JBoss Web Console JMX Invoker	CWE-200	CWE-200	High
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27900)	CVE-2023-27900 CWE-770	CWE-770	High
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27901)	CVE-2023-27901 CWE-770	CWE-770	High
Jenkins Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2017-1000503)	CVE-2017-1000503 CWE-362	CWE-362	High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7537)	CVE-2015-7537 CWE-352	CWE-352	High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000356)	CVE-2017-1000356 CWE-352	CWE-352	High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000504)	CVE-2017-1000504 CWE-352	CWE-352	High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10353)	CVE-2019-10353 CWE-352	CWE-352	High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10384)	CVE-2019-10384 CWE-352	CWE-352	High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-2160)	CVE-2020-2160 CWE-352	CWE-352	High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35141)	CVE-2023-35141 CWE-352	CWE-352	High
Jenkins CVE-2013-0329 Vulnerability (CVE-2013-0329)	CVE-2013-0329		High
Jenkins CVE-2014-2063 Vulnerability (CVE-2014-2063)	CVE-2014-2063		High
Jenkins CVE-2015-7538 Vulnerability (CVE-2015-7538)	CVE-2015-7538		High
Jenkins CVE-2023-43498 Vulnerability (CVE-2023-43498)	CVE-2023-43498		High
Jenkins CVE-2023-44487 Vulnerability (CVE-2023-44487)	CVE-2023-44487		High
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2017-2608)	CVE-2017-2608 CWE-502	CWE-502	High
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2021-21604)	CVE-2021-21604 CWE-502	CWE-502	High
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2022-0538)	CVE-2022-0538 CWE-502	CWE-502	High
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000410)	CVE-2018-1000410 CWE-200	CWE-200	High
Jenkins Git Plugin missing permission check (CVE-2022-36883)	CVE-2022-36883 CWE-862	CWE-862	High
Jenkins Improper Access Control Vulnerability (CVE-2015-5325)	CVE-2015-5325 CWE-284	CWE-284	High
Jenkins Improper Authentication Vulnerability (CVE-2017-1000354)	CVE-2017-1000354 CWE-287	CWE-287	High
Jenkins Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2024-43044)	CVE-2024-43044 CWE-754	CWE-754	High
Jenkins Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3666)	CVE-2014-3666 CWE-94	CWE-94	High
Jenkins Improper Input Validation Vulnerability (CVE-2012-4438)	CVE-2012-4438 CWE-20	CWE-20	High
Jenkins Improper Input Validation Vulnerability (CVE-2016-0792)	CVE-2016-0792 CWE-20	CWE-20	High
Jenkins Improper Input Validation Vulnerability (CVE-2017-1000391)	CVE-2017-1000391 CWE-20	CWE-20	High
Jenkins Improper Input Validation Vulnerability (CVE-2017-1000394)	CVE-2017-1000394 CWE-20	CWE-20	High
Jenkins Improper Input Validation Vulnerability (CVE-2018-1999001)	CVE-2018-1999001 CWE-20	CWE-20	High
Jenkins Improper Input Validation Vulnerability (CVE-2018-1999002)	CVE-2018-1999002 CWE-20	CWE-20	High
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000194)	CVE-2018-1000194 CWE-22	CWE-22	High
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000863)	CVE-2018-1000863 CWE-22	CWE-22	High
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21605)	CVE-2021-21605 CWE-22	CWE-22	High
Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-21686)	CVE-2021-21686 CWE-59	CWE-59	High
Jenkins Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2017-1000393)	CVE-2017-1000393 CWE-138	CWE-138	High

Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108)

CVE-2023-1108

CWE-835

High

Jboss EAP Missing Authorization Vulnerability (CVE-2019-10184)

CVE-2019-10184

CWE-862

High

Jboss EAP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-0853)

CVE-2022-0853

CWE-401

High

Jboss EAP Observable Discrepancy Vulnerability (CVE-2022-3143)

CVE-2022-3143

CWE-203

High

Jboss EAP Other Vulnerability (CVE-2014-3490)

CVE-2014-3490

High

Jboss EAP Other Vulnerability (CVE-2019-9513)

CVE-2019-9513

High

Jboss EAP Out-of-bounds Read Vulnerability (CVE-2019-0210)

CVE-2019-0210

CWE-125

High

Jboss EAP Permission Issues Vulnerability (CVE-2016-7066)

CVE-2016-7066

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4605)

CVE-2011-4605

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4608)

CVE-2011-4608

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5629)

CVE-2012-5629

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2165)

CVE-2013-2165

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5406)

CVE-2016-5406

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8656)

CVE-2016-8656

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8657)

CVE-2016-8657

CWE-264

High

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2019-3894)

CVE-2019-3894

CWE-264

High

Jboss EAP Reachable Assertion Vulnerability (CVE-2020-25710)

CVE-2020-25710

CWE-617

High

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)

CVE-2016-8610

CWE-400

High

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2017-12174)

CVE-2017-12174

CWE-400

High

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888)

CVE-2019-14888

CWE-400

High

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343)

CVE-2019-19343

CWE-400

High

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14384)

CVE-2020-14384

CWE-400

High

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25644)

CVE-2020-25644

CWE-400

High

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2021-3629)

CVE-2021-3629

CWE-400

High

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2021-3690)

CVE-2021-3690

CWE-400

High

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)

CVE-2023-44487

CWE-400

High

Jboss EAP Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)

CVE-2017-12617

CWE-434

High

Jboss EAP Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-1000180)

CVE-2018-1000180

CWE-327

High

Jboss EAP Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2017-7536)

CVE-2017-7536

CWE-470

High

Jboss EAP Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2019-10174)

CVE-2019-10174

CWE-470

High

Jboss EAP XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2018-1000632)

CVE-2018-1000632

CWE-91

High

JBoss HttpAdaptor JMXInvokerServlet

CWE-94

High

JBoss InvokerTransformer Remote Code Execution

CVE-2015-7501

CWE-502

High

JBoss JMX Console Unrestricted Access

CWE-200

High

JBoss JMX management console

CWE-200

High

JBoss Seam framework remote code execution

CVE-2010-1871

CWE-94

High

JBoss Seam remoting vulnerabilities

CVE-2013-6447 CVE-2013-6448

CWE-611

High

JBoss ServerInfo MBean

CVE-2010-0738

CWE-200

High

JBoss Server MBean

CWE-200

High

JBoss Web Console JMX Invoker

CWE-200

High

Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27900)

CVE-2023-27900

CWE-770

High

Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27901)

CVE-2023-27901

CWE-770

High

Jenkins Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2017-1000503)

CVE-2017-1000503

CWE-362

High

Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7537)

CVE-2015-7537

CWE-352

High

Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000356)

CVE-2017-1000356

CWE-352

High

Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000504)

CVE-2017-1000504

CWE-352

High

Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10353)

CVE-2019-10353

CWE-352

High

Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10384)

CVE-2019-10384

CWE-352

High

Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-2160)

CVE-2020-2160

CWE-352

High

Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35141)

CVE-2023-35141

CWE-352

High

Jenkins CVE-2013-0329 Vulnerability (CVE-2013-0329)

CVE-2013-0329

High

Jenkins CVE-2014-2063 Vulnerability (CVE-2014-2063)

CVE-2014-2063

High

Jenkins CVE-2015-7538 Vulnerability (CVE-2015-7538)

CVE-2015-7538

High

Jenkins CVE-2023-43498 Vulnerability (CVE-2023-43498)

CVE-2023-43498

High

Jenkins CVE-2023-44487 Vulnerability (CVE-2023-44487)

CVE-2023-44487

High

Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2017-2608)

CVE-2017-2608

CWE-502

High

Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2021-21604)

CVE-2021-21604

CWE-502

High

Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2022-0538)

CVE-2022-0538

CWE-502

High

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000410)

CVE-2018-1000410

CWE-200

High

Jenkins Git Plugin missing permission check (CVE-2022-36883)

CVE-2022-36883

CWE-862

High

Jenkins Improper Access Control Vulnerability (CVE-2015-5325)

CVE-2015-5325

CWE-284

High

Jenkins Improper Authentication Vulnerability (CVE-2017-1000354)

CVE-2017-1000354

CWE-287

High

Jenkins Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2024-43044)

CVE-2024-43044

CWE-754

High

Jenkins Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3666)

CVE-2014-3666

CWE-94

High

Jenkins Improper Input Validation Vulnerability (CVE-2012-4438)

CVE-2012-4438

CWE-20

High

Jenkins Improper Input Validation Vulnerability (CVE-2016-0792)

CVE-2016-0792

CWE-20

High

Jenkins Improper Input Validation Vulnerability (CVE-2017-1000391)

CVE-2017-1000391

CWE-20

High

Jenkins Improper Input Validation Vulnerability (CVE-2017-1000394)

CVE-2017-1000394

CWE-20

High

Jenkins Improper Input Validation Vulnerability (CVE-2018-1999001)

CVE-2018-1999001

CWE-20

High

Jenkins Improper Input Validation Vulnerability (CVE-2018-1999002)

CVE-2018-1999002

CWE-20

High

Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000194)

CVE-2018-1000194

CWE-22

High

Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000863)

CVE-2018-1000863

CWE-22

High

Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21605)

CVE-2021-21605

CWE-22

High

Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-21686)

CVE-2021-21686

CWE-59

High

Jenkins Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2017-1000393)

CVE-2017-1000393

CWE-138

High

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities