Filter

Versions

maven/org.springframework.security:spring-security-coreIn Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x…

First published (updated )

Eclipse JettyInfoleak

First published (updated )

Oracle Communications Cloud Native Core Binding Support FunctionVulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported v…

First published (updated )

Netapp Active Iq Unified Manager LinuxActive IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 …

First published (updated )

Netapp Active Iq Unified Manager LinuxXSS

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Netapp Active Iq Unified Manager LinuxActive IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 …

First published (updated )

redhat/eap7-undertowA flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAS…

First published (updated )

Vmware Spring SecurityInteger Overflow

First published (updated )

redhat/spring-securityA flaw was found in Spring Security. When using RegexRequestMatcher, an easy misconfiguration can by…

First published (updated )

redhat/springframeworkA flaw was found in Spring Framework. Applications that handle file uploads are vulnerable to a deni…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/eap7-nettyLocal Information Disclosure Vulnerability in io.netty:netty-codec-http

First published (updated )

ubuntu/libgoogle-gson-javaDeserialization of Untrusted Data

7.7
First published (updated )

Oracle WebLogic ServerCross-site Scripting in org.owasp.esapi:esapi -- antisamy-esapi.xml configuration file

First published (updated )

Oracle WebLogic ServerPath Traversal in ESAPI

First published (updated )

VMware Spring FrameworkInput Validation

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat UndertowA flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response pack…

7.5
First published (updated )

redhat/eap7-undertowA flaw was found in Undertow. A potential security issue in flow control handling by the browser ove…

7.5
First published (updated )

Apache POIA carefully crafted TNEF file can cause an out of memory exception

First published (updated )

Cisco WebEx Meetings ServerApache Log4j2 Remote Code Execution Vulnerability

First published (updated )

IBM QRadar SIEMIn Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is p…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Banking Enterprise Default ManagementXSS

First published (updated )

Oracle Insurance Policy AdministrationApache Commons Compress 1.6 to 1.20 denial of service vulnerability

7.5
First published (updated )

Oracle Banking Digital ExperienceApache Commons Compress 1.6 to 1.20 denial of service vulnerability

7.5
First published (updated )

Oracle Banking ApisApache Commons Compress 1.0 to 1.20 denial of service vulnerability

7.5
First published (updated )

Oracle Banking ApisApache Commons Compress 1.1 to 1.20 denial of service vulnerability

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/jettyEclipse Jetty could allow a physical attacker to bypass security restrictions, caused by a session I…

3.6
First published (updated )

Redhat UndertowRace Condition

First published (updated )

redhat/jettyInfoleak

First published (updated )

Oracle Banking ApisPossible limited path traversal vulnerabily in Apache Commons IO

First published (updated )

redhat/eap7-undertowA flaw was found in Undertow where a potential security issue in flow control handling by browser ov…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Primavera GatewayCommand Injection

7.2
First published (updated )

redhat/eap7-artemis-wildfly-integrationLocal Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files

First published (updated )

redhat/eap7-activemq-artemisXSS

First published (updated )

maven/com.fasterxml.jackson.core:jackson-databindSSRF

First published (updated )

redhat/InfinispanA flaw was found in infinispan 10 REST API, where authorization permissions are not checked while pe…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/eap7-activemq-artemisA memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tr…

First published (updated )

Oracle Primavera UnifierInput Validation

7.5
First published (updated )

Oracle Primavera UnifierTemp directory permission issue in Guava

First published (updated )

Oracle Banking Liquidity ManagementCode Injection

First published (updated )

Oracle Utilities Frameworkjackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a lar…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Netapp Active Iq Unified Manager LinuxActive IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Re…

7.8
First published (updated )

Oracle Banking Digital ExperienceFasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadg…

First published (updated )

redhat/qpid-dispatchXSS

First published (updated )

Oracle Banking Digital ExperienceA flaw was found in jackson-databind 2.x in versions prior to 2.9.10.5. FasterXML jackson-databind 2…

First published (updated )

Oracle Banking Digital ExperienceFasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadg…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Banking Digital ExperienceFasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadg…

First published (updated )

redhat/eap7-apache-cxfA vulnerability was found in Undertow, where parsing invalid http request may cause http request smu…

First published (updated )

Oracle Primavera UnifierFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadg…

First published (updated )

Oracle Primavera UnifierFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadg…

First published (updated )

redhat/eap7-elytron-webFasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadg…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203