
179 matches found

OSV
added 2 days ago | 4 views

ROOT-APP-MAVEN-CVE-2022-1471 CVE-2022-1471 in io.root.org.yaml:snakeyaml - Patched by Root

Root has patched CVE-2022-1471 in the io.root.org.yaml:snakeyaml package for Root:Maven. Multiple fixed versions available...

CVSS: 8.3 | AI score: 7.1 | EPSS: 0.93849
Exploits: 7

Atlassian
added 2026/04/16 6:22 p.m. | 17 views

RCE (Remote Code Execution) org.yaml:snakeyaml Dependency in Confluence Data Center

This Confluence release includes updates to our org.yaml:snakeyaml dependency in response to CVE-2022-1471. Our security team has assessed that the current scope of this CVE does not present the same critical risk in our products, as our use of the dependency doesn’t support the known path for...

CVSS: 9.8 | AI score: 6.5 | EPSS: 0.93849
Exploits: 7

IBM Security Bulletins
added 2026/02/12 2:34 p.m. | 10 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility (CVE-2025-1470, CVE-2025-1471)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 11 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-1470 DESCRIPTION: In...

CVSS: 7.8 | AI score: 7.5 | EPSS: 0.00105
Exploits: 0 | Affected Software: 1

GithubExploit
added 2026/02/05 10:6 p.m. | 190 views

Exploit for Deserialization of Untrusted Data in Snakeyaml_Project Snakeyaml

yaml-payload Exploit payload JAR for demonstrating CVE-2022-...

CVSS: 9.8 | AI score: 8.8 | EPSS: 0.93849
Exploits: 7

Tenable Nessus
added 2026/01/28 12:0 a.m. | 3 views

RHEL 8 : thunderbird (RHSA-2026:1471)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:1471 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Spoofing issue in the Downloads Panel component...

CVSS: 9.8 | AI score: 6 | EPSS: 0.00034
Exploits: 0 | References: 28

RedhatCVE
added 2026/01/07 9:11 a.m. | 20 views

CVE-2025-1471

In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the input format string and arguments are larger than the buffer size then buffer overflow occurs. Beginning in version 0.5.0, the conversion buffers are sized...

CVSS: 7.8 | AI score: 7.3 | EPSS: 0.00105
Exploits: 0 | References: 1

IBM Security Bulletins
added 2025/10/30 1:25 p.m. | 2 views

Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management Core Framework.

Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 Core Framework IF29 patch. Vulnerability Details CVEID:CVE-2025-1470 DESCRIPTION: In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities consumer...

CVSS: 8.1 | AI score: 6.7 | EPSS: 0.02123
Exploits: 1 | Affected Software: 1

OSV
added 2025/09/15 1:9 a.m. | 1 views

ECHO-6358-D799-1471

Bulletin has no description...

CVSS: 8.8 | AI score: 7 | EPSS: 0.00566
Exploits: 0 | References: 1

Circl
added 2025/07/26 8:42 p.m. | 3 views

CVE-1999-1471

creationtimestamp | type | source
---|---|---
2025-07-26 20:42:56+00:00 | seen | https://gist.github.com/DEEPML1818/fef33d765177026df668a4476d4fe698
2025-07-26 20:48:36+00:00 | seen | https://gist.github.com/DEEPML1818/8672f137125674c3936651ee63417e61
2026-02-17 07:21:35+00:00 | seen | ...

CVSS: 7.2 | AI score: 5.1 | EPSS: 0.01879
Exploits: 0 | References: 3

IBM Security Bulletins
added 2025/07/17 3:48 p.m. | 6 views

Security Bulletin: Vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus. (CVE-2025-1470, CVE-2025-1471)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus running on Linux on IBM Z Systems. Vulnerability Details CVEID:CVE-2025-1470 DESCRIPTION: In Eclipse OMR, from the initial contribution to version 0.4.0, some O...

CVSS: 7.8 | AI score: 7.4 | EPSS: 0.00105
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/06/25 4:29 p.m. | 4 views

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Storage Server (CVE-2025-1470, CVE-2025-1471).

Summary IBM Storage Protect Server is affected by multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8. These vulnerabilities could potentially affect OpenJ9 internal ASCII to EBCDIC string wrapper on z/OS. Vulnerability Details CVEID:CVE-2025-1470 DESCRIPTION: In Eclipse...

CVSS: 7.8 | AI score: 7.9 | EPSS: 0.00105
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/06/25 4:25 p.m. | 3 views

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Storage Protect Operations Center (CVE-2025-1470, CVE-2025-1471).

Summary IBM Storage Protect Operations Center is affected by multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8. These vulnerabilities could potentially affect OpenJ9 internal ASCII to EBCDIC string wrapper on z/OS. Vulnerability Details CVEID:CVE-2025-1470 DESCRIPTION: ...

CVSS: 7.8 | AI score: 7.9 | EPSS: 0.00105
Exploits: 0 | Affected Software: 1

RedhatCVE
added 2025/05/22 12:15 p.m. | 5 views

CVE-2012-1471

Directory traversal vulnerability in cataloguefile.php in ocPortal before 7.1.6 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

CVSS: 5 | AI score: 6.9 | EPSS: 0.00198
Exploits: 1 | References: 1

IBM Security Bulletins
added 2025/05/08 2:28 p.m. | 21 views

Security Bulletin: IBM Integration Bus for z/OS is vulnerable to NULL Pointer Dereference and Out-of-bounds Write due to IBM Java ( CVE-2025-1470 & CVE-2025-1471)

Summary IBM Integration Bus for z/OS runtime is vulnerable to NULL Pointer Dereference and Out-of-bounds Write due to IBM Java. Vulnerability Details CVEID:CVE-2025-1470 DESCRIPTION: In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities...

CVSS: 7.8 | AI score: 6.6 | EPSS: 0.00105
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/10 5:6 p.m. | 14 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-1470 DESCRIPTION: In...

CVSS: 7.8 | AI score: 8.1 | EPSS: 0.00105
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/03/26 3:51 a.m. | 76 views

Security Bulletin: IBM UrbanCode Build 6.1.7.10 addresses multiple vulnerabilities.

Summary Security Bulletin: IBM UrbanCode Build 6.1.7.10 addresses multiple vulnerabilities, listed in multiple CVEs CVE-2023-34981, CVE-2022-1471, CVE-2022-4065, CVE-2021-23450, CVE-2021-23450, CVE-2022-40151, CVE-2022-41966, CVE-2023-41080, CVE-2022-48285, CBE-2020-11971, CVE-2023-28709,...

CVSS: 9.8 | AI score: 9.9 | EPSS: 0.93849
Exploits: 13 | Affected Software: 1

OSV
added 2025/02/21 10:15 a.m. | 7 views

CVE-2025-1471

In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the input format string and arguments are larger than the buffer size then buffer overflow occurs. Beginning in version 0.5.0, the conversion buffers are sized...

CVSS: 7.8 | AI score: 7.6
Exploits: 0 | References: 2

IBM Security Bulletins
added 2024/11/19 1:48 p.m. | 11 views

Security Bulletin: IBM Sterling Global High Availability Mailbox is affected by a SnakeYaml deserialization vulnerability (CVE-2022-1471)

Summary IBM Sterling Global High Availability Mailbox is affected by SnakeYaml's Constructor class it does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's...

CVSS: 9.8 | AI score: 8.2 | EPSS: 0.93849
Exploits: 7 | Affected Software: 1

Tenable Nessus
added 2024/04/28 12:0 a.m. | 39 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3198 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

CVSS: 9.9 | AI score: 8.1 | EPSS: 0.94251
Exploits: 52 | References: 48

Tenable Nessus
added 2024/04/28 12:0 a.m. | 33 views

RHEL 8 : OpenShift Container Platform 4.10.52 (RHSA-2023:0697)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0697 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

CVSS: 9.8 | AI score: 7.8 | EPSS: 0.93849
Exploits: 7 | References: 6