Filter
AND
AND

redhat/OpenSSLIncorrect cipher key & IV length processing

high
7.5
EPSS
0.11%
First published (updated )
CVE-2023-5363

IBM Cognos Analytics21 vulnerabilities

First published (updated )
IBM-7173592

Apache Santuario: Private Key disclosure in debug-log output

medium
6.5
First published (updated )
CVE-2023-44483

Jetty vulnerable to errant command quoting in CGI Servlet

medium
4.3
First published (updated )
CVE-2023-36479

Code Injection

high
7.8
EPSS
0.04%
First published (updated )
CVE-2024-21892

Path Traversal

high
8.8
EPSS
0.04%
First published (updated )
CVE-2024-21891

Node.js could allow a remote attacker to bypass security restrictions, caused by the improper handli…

medium
6.5
EPSS
0.04%
First published (updated )
CVE-2024-21890

IBM Cognos Analytics cross-site scripting

medium
6.1
First published (updated )
CVE-2024-25042

Path Traversal

high
7.9
EPSS
0.04%
First published (updated )
CVE-2024-21896

Node.js is vulnerable to a denial of service, caused by an error when reading unprocessed HTTP reque…

high
7.5
EPSS
0.04%
First published (updated )
CVE-2024-22019

Node.js could allow a local attacker to gain elevated privileges on the system, caused by the failur…

high
7.3
First published (updated )
CVE-2024-22017

Node.js is vulnerable to a denial of service, caused by a resource exhaustion flaw in fetch() brotli…

medium
6.5
EPSS
0.04%
First published (updated )
CVE-2024-22025

Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked ve…

high
7.4
First published (updated )
CVE-2023-46809

IBM WebSphere Application Server Liberty cross-site scripting

medium
4.7
EPSS
0.04%
First published (updated )
CVE-2024-27270

Jetty's OpenId Revoked authentication allows one request

medium
4.3
First published (updated )
CVE-2023-41900

XSS

medium
6.1
First published (updated )
CVE-2019-10241

Race Condition

high
7
First published (updated )
CVE-2020-27216

Eclipse Jetty could allow a physical attacker to bypass security restrictions, caused by a session I…

low
3.6
First published (updated )
CVE-2021-34428

Infoleak

medium
5.3
First published (updated )
CVE-2021-28169

Eclipse Jetty could allow a remote attacker to hijack a user's session, caused by a flaw in the File…

high
8.8
First published (updated )
CVE-2018-12538

In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions i…

high
7.5
First published (updated )
CVE-2018-12545

Malicious File Upload

critical
9.8
First published (updated )
CVE-2022-29622

IBM WebSphere Application Server Liberty denial of service

high
7.5
First published (updated )
CVE-2023-38737

FedoraNode.js could allow a remote attacker to bypass security restrictions, caused by the circumvention o…

high
7.5
First published (updated )
CVE-2023-38552

AndroidIn the xmlSnprintfElementContent function of valid.c, there is a possible out of bounds write. This …

high
8.8
First published (updated )
CVE-2018-9466

Apache ShiroApache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting

medium
6.6
First published (updated )
CVE-2023-46749

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Apache ShiroApache Shiro: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Shiro.

high
7.4
First published (updated )
CVE-2023-46750

redhat/rh-sso7-keycloakInefficient Regular Expression Complexity in moment

high
7.5
First published (updated )
CVE-2022-31129

IBM Cognos Analyticsvm2 Sandbox Escape vulnerability

critical
10
First published (updated )
CVE-2023-37466

IBM Cognos AnalyticsCode Injection

medium
5.3
First published (updated )
CVE-2023-39333

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203