Filter
AND
Versions
Oracle Banking Digital ExperienceLast updated 24 July 2024
7.5
First published (updated )
Oracle Financial Services Enterprise Case ManagementTiming Attack Vulnerability for Apache Kafka Connect and Clients
5.9
First published (updated )
Quarkus QuarkusQuarkus: json payload getting processed prior to security checks when rest resources are used with annotations.
9.8
First published (updated )
redhat/eap7-jackson-databindIn FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a ch…
7.5
First published (updated )
maven/io.quarkus:quarkus-smallrye-graphql-clientQuarkus: graphql operations over websockets bypass
9.1
EPSS
0.07%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Quarkus QuarkusQuarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET o…
7.5
First published (updated )
redhat/rh-sso7-keycloakHTTP fails to validate against control chars in header names which may lead to HTTP request smuggling
6.5
First published (updated )
Oracle Banking Digital ExperienceLast updated 24 July 2024
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Quarkus QuarkusMySQL Connector/J has no security check when external general entities are included in XML sources, …
7.9
First published (updated )
redhat/eap7-elytron-webPossible request smuggling in HTTP/2 due missing validation of content-length
5.9
First published (updated )
redhat/eap7-artemis-wildfly-integrationLocal Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files
6.2
First published (updated )
redhat/eap7-wildflyVulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported ve…
6.6
First published (updated )
Mongodb Java DriverMongoDB Java driver client-side field level encryption not verifying KMS host name
6.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/candlepinIn FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur …
7.5
First published (updated )
Oracle Peoplesoft Enterprise Pt PeopletoolsThe Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a relate…
7.5
First published (updated )
Redhat Jboss Enterprise Application PlatformSQL Injection
6.5
First published (updated )
FasterXML jackson-dataformats-binaryDenial of Service (DoS)
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat ResteasyUnder certain conditions and certain workloads, Resteasy can provide an incorrect response to an HTT…
4.3
First published (updated )
redhat/eap7-activemq-artemisA flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow clie…
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Primavera UnifierTemp directory permission issue in Guava
5.4
First published (updated )
redhat/rh-sso7-keycloakA flaw was found in Keycloak’s Admin Console, where it is missing HTTP security headers in HTTP resp…
5.8
First published (updated )
redhat/eap7-apache-cxfCrafted input may cause the jsoup HTML and XML parser to get stuck, timeout, or throw unchecked exceptions
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.