CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2025/09/22 3:36 p.m.•2 views

No title provided

A path traversal validation flaw exists in Keycloak’s vault key handling on Windows. The previous fix for CVE-2024-10492 did not account for the Windows file separator . As a result, a high-privilege administrator could probe for the existence of files outside the expected realm context through...

Circl•added 2025/09/16 7:27 p.m.•4 views

Exploits0References2

CVE-2025-10492

creationtimestamp| type| source ---|---|--- 2025-09-16 19:27:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyy2hw5lq52i 2025-10-07 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-948/ 2026-01-10 19:54:39+00:00| seen|...

9.8CVSS6.9AI score0.00656EPSS

Exploits0References4

vulnersOsv•added 2025/09/16 6:31 p.m.•3 views

africa.absa:inception-reporting (>=1.0.0 <=1.2.0), africa.absa:inception-reporting-api (>=1.0.0 <=1.2.0) +423 more potentially affected by CVE-2025-10492 via net.sf.jasperreports:jasperreports (>=3.7.0 <=7.0.3)

net.sf.jasperreports:jasperreports MAVEN version =3.7.0, =1.0.0, =1.0.0, =4.0.4, =1.0.0, =1.0.7, =2.1.0, =2.1.0, =0.0.1, =0.0.1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =25.11.0 and more Source cves: CVE-2025-10492 Source advisory: SNYK:JAVA-NETSFJASPERREPORTS-14912438...

9.8CVSS7AI score0.00656EPSS

vulnersOsv•added 2025/09/16 6:31 p.m.•5 views

9.8CVSS7AI score0.00656EPSS

UbuntuCve•added 2025/09/16 5:15 p.m.•2 views

CVE-2025-10492

A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...

9.8CVSS7.2AI score0.00656EPSS

CVE•added 2025/09/05 8:6 p.m.•12 views

CVE-2025-10043

CVE-2025-10043 is rejected/not used as stated; not an active vulnerability entry.

3.5AI score

vulnersOsv•added 2025/09/05 12:0 a.m.•4 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +215 more potentially affected by CVE-2024-10492 +1 more via org.keycloak:keycloak-services (>=10.0.0 <=9.0.3)

org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =0.1, =0.1, =1.0.1, =0.1, =1.0.1, =0.1, =1.2.0, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...

RedhatCVE•added 2025/05/22 8:10 a.m.•6 views

CVE-2019-10492

Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 820, SD 820A, SDM439...

7.8CVSS7.4AI score0.00017EPSS

RedHat Linux•added 2024/11/27 2:53 p.m.•24 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

6.3CVSS7.2AI score0.00941EPSS

Exploits0References2

vulnersOsv•added 2024/11/25 6:37 p.m.•5 views

de.arbeitsagentur.opdt:keycloak-cassandra-model-tests (>=3.0.1-25.0 <=4.0.5-25.0), org.keycloak:keycloak-guides (>=25.0.0 <=26.0.5) +6 more potentially affected by CVE-2024-10492 via org.keycloak:keycloak-quarkus-server (>=25.0.0 <=26.0.5)

org.keycloak:keycloak-quarkus-server MAVEN version =25.0.0, =3.0.1-25.0, =25.0.0, =25.0.0, =25.0.0, =26.0.0, =25.0.0, =25.0.0, =26.0.0, =26.0.5 Source cves: CVE-2024-10492 Source advisory: OSV:GHSA-5545-R4HG-RJ4M...

vulnersOsv•added 2024/11/25 6:37 p.m.•4 views

de.arbeitsagentur.opdt:keycloak-cassandra-model-tests (>=2.5.6-24.0 <=4.0.5-25.0), io.kokuwa.keycloak:keycloak-event-metrics (>=0.1.0 <=1.0.0) +8 more potentially affected by CVE-2024-10492 via org.keycloak:keycloak-quarkus-server (>=12.0.0 <=26.0.5)

org.keycloak:keycloak-quarkus-server MAVEN version =12.0.0, =2.5.6-24.0, =0.1.0, =15.1.0, =15.1.0, =21.1.0, =26.0.0, =15.1.0, =12.0.0, =12.0.0, =26.0.0, =26.0.5 Source cves: CVE-2024-10492 Source advisory: OSV:GHSA-5545-R4HG-RJ4M...

RedHat Linux•added 2024/11/21 7:23 p.m.•16 views

Important: Red Hat Security Advisory: Red Hat build of Keycloak 24.0.9 Update

New Red Hat build of Keycloak 24.0.9 packages with security impact Important are available from the Customer Portal Red Hat build of Keycloak 24.0.9 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobi...

6.5CVSS6AI score0.00167EPSS

Exploits0References6

RedHat Linux•added 2024/11/21 7:23 p.m.•17 views

Important: Red Hat Security Advisory: Red Hat build of Keycloak 24.0.9 Images Update

New images with security impact Important are available for Red Hat build of Keycloak 24.0.9 and Red Hat build of Keycloak 24.0.9 Operator, running on OpenShift Container Platform. Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift...

6.5CVSS6AI score0.00167EPSS

Exploits0References6

NVD•added 2019/09/30 4:15 p.m.•17 views

CVE-2019-10492

7.8CVSS7.8AI score0.00017EPSS

Cvelist•added 2019/09/30 3:40 p.m.•21 views

CVE-2019-10492

7.8AI score0.00017EPSS