Sdk, Java Technology Edition Security Vulnerabilities

redhatcve

CVE-2023-42503

Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing. This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed.....

5.5 CVSS

6.9 AI Score

0.026 EPSS

2024-07-01 08:20 PM
1
github

GeoServer's Server Status shows sensitive environmental variables and Java properties

GeoServer's Server Status page and REST API (at /geoserver/rest/about/status) lists all environment variables and Java properties to any GeoServer user with administrative rights as part of those modules' status message. These variables/properties can also contain sensitive information, such as...

4.5 CVSS

6.9 AI Score

EPSS

2024-07-01 07:20 PM
3
schneier

Upcoming Book on AI and Democracy

If you've been reading my blog, you've noticed that I have written a lot about AI and democracy, mostly with my co-author Nathan Sanders. I am pleased to announce that we're writing a book on the topic. This isn't a book about deep fakes, or misinformation. This is a book about what happens when...

7.3 AI Score

2024-07-01 07:01 PM
2
wallarmlab

CVE-2024-5655: GitLab Fixes CI/CD Vulnerability & 13 Other Flaws With Latest Patch Release

A security flaw that impacts specific versions of GitLab's Community and Enterprise Edition products was just detected. This vulnerability can be exploited to execute pipelines under any user's credentials. GitLab is a web-based DevOps platform offering tools for software development, version...

9.6 CVSS

6.9 AI Score

EPSS

2024-07-01 06:21 PM
2
ibm

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related...

5.9 CVSS

7.5 AI Score

0.001 EPSS

2024-07-01 05:20 PM
6
wordfence

WordPress Security Research: A Beginner’s Series

Learn How To Find WordPress Vulnerabilities Step-by-Step Welcome to the inaugural post of our WordPress Security Research Beginner's Series! With the success of the Wordfence Bug Bounty Program, we wanted to provide emerging vulnerability researchers, and experienced Bug Bounty Hunters, with a...

7.7 AI Score

2024-07-01 04:20 PM
1
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: flux-source-controller, grype, kubeflow-katib, ip-masq-agent, nghttp2, cortex, tctl, gke-gcloud-auth-plugin, mc, kubescape, gitlab-shell, kyverno, node-problem-detector, weaviate, kaf, metacontroller, prometheus-blackbox-exporter, helm, cluster-autoscaler,...

7.5 CVSS

9 AI Score

0.732 EPSS

2024-07-01 03:27 PM
632
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, docker, logstash-exporter, prometheus-alertmanager, doppler-kubernetes-operator, flux-source-controller, kuberay-operator, grype, policy-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, ip-masq-agent, zot, golangci-lint,...

7.5 AI Score

2024-07-01 03:27 PM
189
wolfi

GHSA-4265-CCF5-PHJ5 vulnerabilities

Vulnerabilities for packages: gradle, wavefront-proxy, neo4j, trino, jenkins, opensearch, dependency-track,...

7.5 AI Score

2024-07-01 03:27 PM
98
wolfi

CVE-2024-25710 vulnerabilities

Vulnerabilities for packages: gradle, wavefront-proxy, neo4j, trino, jenkins, opensearch, dependency-track,...

8.1 CVSS

7 AI Score

0.001 EPSS

2024-07-01 03:27 PM
97
wolfi

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

7.8 AI Score

0.0004 EPSS

2024-07-01 03:27 PM
201
wolfi

GHSA-5MG8-W23W-74H3 vulnerabilities

Vulnerabilities for packages: gradle, maven, spdx-tools-java,...

7.5 AI Score

2024-07-01 03:27 PM
11
wolfi

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, zot, stern, swagger, kubescape, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, prometheus-statsd-exporter, trivy, bincapz,...

6.8 AI Score

0.0004 EPSS

2024-07-01 03:27 PM
58
wolfi

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, stern, swagger, hivemind, kubescape, pluto, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, syft, prometheus-statsd-exporter, trivy,...

5.5 CVSS

6.1 AI Score

0.0004 EPSS

2024-07-01 03:27 PM
28
wolfi

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, flux-source-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, zot, k3s, tctl, gke-gcloud-auth-plugin, kubernetes-csi-external-provisioner, mc, kyverno, node-problem-detector, prometheus-pushgateway, flux-image-reflector-controller,....

6.1 CVSS

7.3 AI Score

0.001 EPSS

2024-07-01 03:27 PM
94
wolfi

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, docker, logstash-exporter, prometheus-alertmanager, doppler-kubernetes-operator, flux-source-controller, kuberay-operator, grype, policy-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, ip-masq-agent, zot, golangci-lint,...

6.6 AI Score

0.0004 EPSS

2024-07-01 03:27 PM
30
wolfi

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

7.8 AI Score

0.0004 EPSS

2024-07-01 03:27 PM
42
wolfi

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

7.5 AI Score

2024-07-01 03:27 PM
28
wolfi

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, zot, stern, swagger, kubescape, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, prometheus-statsd-exporter, trivy, bincapz,...

7.5 AI Score

2024-07-01 03:27 PM
20
wolfi

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, stern, swagger, hivemind, kubescape, pluto, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, syft, prometheus-statsd-exporter, trivy,...

9.8 CVSS

9.8 AI Score

0.001 EPSS

2024-07-01 03:27 PM
52
wolfi

CVE-2023-1732 vulnerabilities

Vulnerabilities for packages: aactl,...

8.2 CVSS

6.8 AI Score

0.001 EPSS

2024-07-01 03:27 PM
28
wolfi

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, flux-source-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, zot, k3s, go, tctl, gke-gcloud-auth-plugin, kubernetes-csi-external-provisioner, mc, kubescape, gitlab-shell, kyverno, node-problem-detector, prometheus-pushgateway,...

7.5 CVSS

8.4 AI Score

0.002 EPSS

2024-07-01 03:27 PM
50
wolfi

GHSA-9763-4F94-GFCH vulnerabilities

Vulnerabilities for packages: pulumi-language-dotnet, zarf, flux, kaniko, flux-source-controller, policy-controller, skaffold, argo-cd, zot, pulumi-kubernetes-operator, terraform-provider-google, vexctl, crossplane, rclone, actions-runner-controller, terragrunt, gitsign, aactl, boring-registry,...

7.5 AI Score

2024-07-01 03:27 PM
45
wolfi

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

7.5 AI Score

2024-07-01 03:27 PM
22
wolfi

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

7.5 AI Score

2024-07-01 03:27 PM
24
wolfi

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

7.5 AI Score

2024-07-01 03:27 PM
21
wolfi

CVE-2024-26308 vulnerabilities

Vulnerabilities for packages: gradle, wavefront-proxy, neo4j, trino, jenkins, opensearch, dependency-track,...

5.5 CVSS

7 AI Score

0.001 EPSS

2024-07-01 03:27 PM
25
wolfi

CVE-2023-2976 vulnerabilities

Vulnerabilities for packages: gradle, maven, spdx-tools-java,...

7.1 CVSS

6.9 AI Score

0.0004 EPSS

2024-07-01 03:27 PM
32
wolfi

GHSA-4G9R-VXHX-9PGX vulnerabilities

Vulnerabilities for packages: gradle, wavefront-proxy, neo4j, trino, jenkins, opensearch, dependency-track,...

7.5 AI Score

2024-07-01 03:27 PM
6
wolfi

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, stern, swagger, hivemind, kubescape, pluto, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, syft, prometheus-statsd-exporter, trivy,...

7.5 AI Score

2024-07-01 03:27 PM
5
wolfi

GHSA-2Q89-485C-9J2X vulnerabilities

Vulnerabilities for packages: aactl,...

7.5 AI Score

2024-07-01 03:27 PM
12
wolfi

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, flux-source-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, zot, k3s, tctl, gke-gcloud-auth-plugin, kubernetes-csi-external-provisioner, mc, kyverno, node-problem-detector, prometheus-pushgateway, flux-image-reflector-controller,....

7.5 AI Score

2024-07-01 03:27 PM
28
wolfi

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, flux-source-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, zot, k3s, go, tctl, gke-gcloud-auth-plugin, kubernetes-csi-external-provisioner, mc, kubescape, gitlab-shell, kyverno, node-problem-detector, prometheus-pushgateway,...

7.5 AI Score

2024-07-01 03:27 PM
20
wolfi

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: pulumi-language-dotnet, kubernetes-csi-livenessprobe, influxd, flux-source-controller, grype, telegraf, prometheus-stackdriver-exporter, secrets-store-csi-driver, flux-helm-controller, kubeflow-katib, argo-cd, pulumi-kubernetes-operator, conftest, cortex, tctl, k3d,...

7.5 AI Score

2024-07-01 03:27 PM
99
wolfi

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: flux-source-controller, grype, kubeflow-katib, ip-masq-agent, nghttp2, cortex, tctl, gke-gcloud-auth-plugin, mc, kubescape, gitlab-shell, kyverno, node-problem-detector, weaviate, kaf, metacontroller, prometheus-blackbox-exporter, helm, cluster-autoscaler,...

7.5 AI Score

2024-07-01 03:27 PM
26
wolfi

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

7.5 AI Score

2024-07-01 03:27 PM
25
wolfi

GHSA-MW99-9CHC-XW7R vulnerabilities

Vulnerabilities for packages: pulumi-language-dotnet, src-fingerprint, argo-cd, zot, nuclei, pulumi-kubernetes-operator, tekton-pipelines, gitsign, gomplate, kots, pulumi, scorecard, go-licenses, bom, goreleaser, pulumi-language-yaml, pulumi-language-java, kubevela, gitness,...

7.5 AI Score

2024-07-01 03:27 PM
16
wolfi

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

7.9 AI Score

0.0004 EPSS

2024-07-01 03:27 PM
20
wolfi

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

7.8 AI Score

0.0004 EPSS

2024-07-01 03:27 PM
27
wolfi

CVE-2020-8908 vulnerabilities

Vulnerabilities for packages: gradle, maven, spdx-tools-java,...

3.3 CVSS

6.5 AI Score

0.001 EPSS

2024-07-01 03:27 PM
15
wolfi

GHSA-7G45-4RM6-3MM3 vulnerabilities

Vulnerabilities for packages: gradle, maven, spdx-tools-java,...

7.5 AI Score

2024-07-01 03:27 PM
7
wolfi

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

6 AI Score

0.0004 EPSS

2024-07-01 03:27 PM
20
wolfi

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, stern, swagger, hivemind, kubescape, pluto, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, syft, prometheus-statsd-exporter, trivy,...

7.5 AI Score

2024-07-01 03:27 PM
4
wolfi

CVE-2023-49568 vulnerabilities

Vulnerabilities for packages: pulumi-language-dotnet, src-fingerprint, argo-cd, zot, nuclei, pulumi-kubernetes-operator, tekton-pipelines, gitsign, gomplate, kots, pulumi, scorecard, go-licenses, bom, goreleaser, pulumi-language-yaml, pulumi-language-java, kubevela, gitness,...

7.5 CVSS

7.8 AI Score

0.0005 EPSS

2024-07-01 03:27 PM
29
nvd

CVE-2024-34696

GeoServer is an open source server that allows users to share and edit geospatial data. Starting in version 2.10.0 and prior to versions 2.24.4 and 2.25.1, GeoServer's Server Status page and REST API lists all environment variables and Java properties to any GeoServer user with administrative...

4.5 CVSS

EPSS

2024-07-01 03:15 PM
1
cve

CVE-2024-34696

GeoServer is an open source server that allows users to share and edit geospatial data. Starting in version 2.10.0 and prior to versions 2.24.4 and 2.25.1, GeoServer's Server Status page and REST API lists all environment variables and Java properties to any GeoServer user with administrative...

4.5 CVSS

5 AI Score

EPSS

2024-07-01 03:15 PM
2
ibm

Security Bulletin: Multiple Vulnerabilities have been identified in IBM MQ shipped with IBM WebSphere Remote Server

Summary IBM MQ is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM MQ have been published in a security bulletin CVE-2024-25026, CVE-2024-22354, CVE-2024-27268, CVE-2024-22353, CVE-2023-51775, CVE-2024-22329, CVE-2024-31919, CVE-2024-21085,...

7.5 CVSS

6.6 AI Score

0.0005 EPSS

2024-07-01 03:09 PM
1
ibm

Security Bulletin: Multiple security vulnerabilities in IBM SDK, Java Technology Edition affects IBM OpenPages

Summary IBM® SDK, Java™ Technology Edition is shipped as a supporting program of IBM OpenPages. Information about a security vulnerability affecting IBM SDK, Java Technology Edition has been published in multiple security bulletins. These products have addressed the applicable CVE(s). For a...

7 AI Score

2024-07-01 02:38 PM
2
cvelist

CVE-2024-34696 GeoServer's Server Status shows sensitive environmental variables and Java properties

GeoServer is an open source server that allows users to share and edit geospatial data. Starting in version 2.10.0 and prior to versions 2.24.4 and 2.25.1, GeoServer's Server Status page and REST API lists all environment variables and Java properties to any GeoServer user with administrative...

4.5 CVSS

EPSS

2024-07-01 02:36 PM
2
ibm

Security Bulletin: Denial of service vulnerability in Amazon Ion may affect IBM Storage Protect Server

Summary IBM Storage Protect Server may be affected by denial of service caused by stack-based overflow in Amazon Ion. CVE-2024-21634. Vulnerability Details CVEID: CVE-2024-21634 DESCRIPTION: Amazon Ion is vulnerable to a denial of service, caused by a stack-based overflow in ion-java for...

7.5 CVSS

6.9 AI Score

0.0005 EPSS

2024-07-01 05:48 AM
2
Total number of security vulnerabilities: 106046