Filter
AND

Quarkus QuarkusQuarkus: json payload getting processed prior to security checks when rest resources are used with annotations.

First published (updated )

Quarkus QuarkusCode Injection

First published (updated )

Postgresql Postgresql Jdbc DriverUnchecked Class Instantiation when providing Plugin Classes

First published (updated )

Quarkus QuarkusIt was found that Quarkus 2.10.x does not terminate HTTP requests header context which may lead to u…

First published (updated )

IBM Cloud Pak for Business Automationblock repositories using http by default

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

maven/io.quarkus:quarkus-smallrye-graphql-clientQuarkus: graphql operations over websockets bypass

EPSS
0.07%
First published (updated )

redhat/quarkusA flaw was found in Quarkus. The state and potentially associated permissions can leak from one web …

8.8
First published (updated )

maven/org.keycloak:keycloak-commonInput Validation

8.8
First published (updated )

Gradle GradleLocal privilege escalation through system temporary directory

8.8
First published (updated )

Quarkus QuarkusQuarkus: http security policy bypass

8.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gradle GradleRepository content filters do not work in Settings pluginManagement

First published (updated )

Quarkus QuarkusMySQL Connector/J has no security check when external general entities are included in XML sources, …

7.9
First published (updated )

redhat/postgresql-jdbcXEE

7.7
First published (updated )

Quarkus QuarkusQuarkus: build env information disclosure via gradle plugin

7.7
EPSS
0.09%
First published (updated )

Oracle Banking PlatformXEE

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Primavera UnifierInput Validation

7.5
First published (updated )

FasterXML jackson-dataformats-binaryDenial of Service (DoS)

7.5
First published (updated )

Oracle Peoplesoft Enterprise Pt PeopletoolsThe Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a relate…

7.5
First published (updated )

Oracle Banking Digital ExperienceLast updated 24 July 2024

7.5
First published (updated )

Oracle Banking Digital ExperienceLast updated 24 July 2024

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/candlepinIn FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur …

7.5
First published (updated )

redhat/eap7-jackson-databindIn FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a ch…

7.5
First published (updated )

redhat/eap7-apache-cxfCrafted input may cause the jsoup HTML and XML parser to get stuck, timeout, or throw unchecked exceptions

7.5
First published (updated )

Quarkus QuarkusQuarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET o…

7.5
First published (updated )

redhat/eap7-apache-commons-ioInput Validation

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

maven/io.quarkus:quarkus-oidcQuarkus-oidc: id and access tokens leak via the authorization code flow

7.5
First published (updated )

redhat/eap7-hibernateSQL Injection

7.4
First published (updated )

Mongodb Java DriverMongoDB Java driver client-side field level encryption not verifying KMS host name

First published (updated )

redhat/eap7-wildflyVulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported ve…

First published (updated )

redhat/eap7-nettyPossible request smuggling in HTTP/2 due missing validation

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203