BIT-JRE-2023-22045

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

BIT-JAVA-MIN-2023-22045

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

PT-2026-37976

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; Oracle GraalVM for...

CVE-2025-67505

Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another...

CVE-2025-67505

The CVE-2025-67505 entry describes a race condition in the Okta Java Management SDK (versions 11.0.0 through 20.0.0) caused by concurrent requests using the ApiClient class. This condition can allow the status code or response header from one request to influence another request’s response. Red H...

CVE-2025-67505 Race condition in the Okta Java SDK

Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another...

PT-2025-50553

Name of the Vulnerable Software and Affected Versions Okta Java Management SDK versions 11.0.0 through 20.0.0 Description The Okta Java Management SDK, used for interacting with the Okta management API, is susceptible to race conditions when handling concurrent requests utilizing the ApiClient...

Malicious code in globby-legacy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5dabda4e0dee5eaa0167110e61399509aae53fc96c8c39ebd8b1535e5f4ca15 The package globby-legacy was found to contain malicious code. Source: ossf-package-analysis...

EUVD-2020-0501

Malware in sbrugna...

PT-2024-36618 · Trend Micro · Trend Micro Deep Security Agent

Name of the Vulnerable Software and Affected Versions: Trend Micro Deep Security Agent versions 20.0.1-9400 through 20.0.1-23340 Description: An incorrect permissions assignment issue could allow a local attacker to escalate privileges on affected installations. To exploit this issue, an attacker...

Trend Micro Deep Security 安全漏洞

Trend Micro Deep Security is a server deep security system client from Trend Micro. A security vulnerability exists in versions prior to Trend Micro Deep Security 20.0.1-21510 that stems from the presence of a command injection vulnerability that could allow an attacker to elevate privileges and...

Trend Micro Deep Security Agent 安全漏洞

Trend Micro Deep Security Agent is a security solution from Trend Micro, Inc. that is primarily used to protect data and applications in servers, virtual machines, and cloud environments. A security vulnerability exists in versions prior to Trend Micro Deep Security Agent 20.0.1-17380, which stem...

CVE-2024-36358

A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...

CVE-2023-35899

CVE-2023-35899 affects IBM Cloud Pak for Automation versions 18.0.0 through 22.0.2. The issue is a CSV injection vulnerability caused by improper validation of CSV file contents, enabling a remote attacker to execute arbitrary commands on the system. Affected products/versions (per sources) inclu...

Oracle Java SE Security Update (jul2023) 03 - Linux

Oracle Java SE is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE Security Update (jul2023) 04 - Windows

Oracle Java SE is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE Security Update (apr2023) 01 - Linux

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-22049

CVE-2023-22049 affects Oracle Java SE and related GraalVM variants (Libraries component; and others listed) with affected versions including Oracle Java SE 8u371/8u371-perf/11.0.19/17.0.7/20.0.1; Oracle GraalVM Enterprise Edition and GraalVM for JDK versions. Exploitation is described as difficul...

Malicious code in api-code-capture-chrome-extension (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f1e44f89c4e3876559f46852c9a652c510df9384be3ffd0180e36f9fd64e8cfe The OpenSSF Package Analysis project identified 'api-code-capture-chrome-extension' @ 20.0.1 npm as malicious. It is considered malicious becaus...

Stored XSS in markdown file with Nextcloud Talk using Internet Explorer (NC-SA-2021-002)

A missing link validation in Nextcloud Server 20.0.1 allowed to execute a stored XSS attack on Internet Explorer users by saving a javascript url in a Markdown...