Filter
Software
Quarkus QuarkusQuarkus: json payload getting processed prior to security checks when rest resources are used with annotations.
9.8
First published (updated )
Postgresql Postgresql Jdbc DriverUnchecked Class Instantiation when providing Plugin Classes
9.8
First published (updated )
Quarkus QuarkusIt was found that Quarkus 2.10.x does not terminate HTTP requests header context which may lead to u…
9.8
First published (updated )
IBM Cloud Pak for Business Automationblock repositories using http by default
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/io.quarkus:quarkus-smallrye-graphql-clientQuarkus: graphql operations over websockets bypass
9.1
EPSS
0.07%
First published (updated )
redhat/quarkusA flaw was found in Quarkus. The state and potentially associated permissions can leak from one web …
8.8
First published (updated )
Gradle GradleLocal privilege escalation through system temporary directory
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Gradle GradleRepository content filters do not work in Settings pluginManagement
8
First published (updated )
Quarkus QuarkusMySQL Connector/J has no security check when external general entities are included in XML sources, …
7.9
First published (updated )
Quarkus QuarkusQuarkus: build env information disclosure via gradle plugin
7.7
EPSS
0.09%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
FasterXML jackson-dataformats-binaryDenial of Service (DoS)
7.5
First published (updated )
Oracle Peoplesoft Enterprise Pt PeopletoolsThe Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a relate…
7.5
First published (updated )
Oracle Banking Digital ExperienceLast updated 24 July 2024
7.5
First published (updated )
Oracle Banking Digital ExperienceLast updated 24 July 2024
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/candlepinIn FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur …
7.5
First published (updated )
redhat/eap7-jackson-databindIn FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a ch…
7.5
First published (updated )
redhat/eap7-apache-cxfCrafted input may cause the jsoup HTML and XML parser to get stuck, timeout, or throw unchecked exceptions
7.5
First published (updated )
Quarkus QuarkusQuarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET o…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/io.quarkus:quarkus-oidcQuarkus-oidc: id and access tokens leak via the authorization code flow
7.5
First published (updated )
Mongodb Java DriverMongoDB Java driver client-side field level encryption not verifying KMS host name
6.8
First published (updated )
redhat/eap7-wildflyVulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported ve…
6.6
First published (updated )
redhat/eap7-nettyPossible request smuggling in HTTP/2 due missing validation
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.