cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2012-5626,https://securityvulnerability.io/vulnerability/CVE-2012-5626,Authorization Bypass in Red Hat JBoss Products,"A vulnerability exists in multiple Red Hat JBoss products where the EJB method fails to properly enforce role permissions specified by the @RunAs annotation. This flaw could allow unauthorized users to execute certain actions or access sensitive information, undermining the security of the applications built on these platforms. It is crucial for users to implement appropriate measures to mitigate the risk associated with this vulnerability.",Red Hat,"Jboss Brms,Jboss Enterprise Application Platform,Jboss Operations Network,Jboss Portal,Jboss Soa Platform,Jboss Enterprise Web Server",7.5,HIGH,0.0008999999845400453,false,,false,false,false,,,false,false,,2020-01-23T18:10:30.000Z,0
CVE-2014-0245,https://securityvulnerability.io/vulnerability/CVE-2014-0245,Thread Safety Issue in JBoss Portal by Red Hat,"A thread safety vulnerability exists in the GTNSubjectCreatingInterceptor class of the GateIn WSRP implementation within JBoss Portal 6.2.0. Under high concurrency scenarios or notably long SOAP message executions, an unauthenticated remote attacker could exploit this vulnerability to access privileged information. This is particularly concerning if WS-Security is enabled for the WSRP Consumer and the endpoint is accessed by a privileged user, creating a potential attack vector that compromises data integrity and confidentiality.",Red Hat,Jboss Portal,5.9,MEDIUM,0.002859999891370535,false,,false,false,false,,,false,false,,2020-01-02T19:42:50.000Z,0