CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/06 2:45 p.m.•1 views

BIT-JAVA-MIN-2025-50106

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1;...

8.1CVSS7.2AI score0.01014EPSS

Exploits0References4

OSV•added 2026/05/06 2:45 p.m.•1 views

BIT-JAVA-2025-30752

3.7CVSS7.2AI score0.00254EPSS

Positive Technologies•added 2026/05/06 12:0 a.m.•4 views

PT-2026-38040

3.7CVSS7.2AI score0.00254EPSS

Positive Technologies•added 2026/05/06 12:0 a.m.•4 views

PT-2026-37832

8.1CVSS7.2AI score0.02123EPSS

Exploits1References5

CBLMariner•added 2026/04/17 6:38 p.m.•2 views

CVE-2026-40393 affecting package mesa for versions less than 24.0.1-8

CVE-2026-40393 affecting package mesa for versions less than 24.0.1-8. A patched version of the package is available...

9.8CVSS5.8AI score0.00057EPSS

Exploits0

IBM Security Bulletins•added 2026/01/12 3:11 p.m.•5 views

Security Bulletin: Multiple security vulnerabilities are addressed in IBM Business Automation Workflow Containers fixes December 2025

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Business Automation Workflow Containers 24.0.1-IF006 and 25.0.0-IF003. Vulnerability Details CVEID:CVE-2025-36058 DESCRIPTION: IBM Cloud Pak for Business Automatio...

7.5CVSS6.2AI score0.00876EPSS

Exploits0Affected Software2

RedhatCVE•added 2025/12/17 8:7 a.m.•2 views

CVE-2025-66033

Okta Java Management SDK facilitates interactions with the Okta management API. In versions 21.0.0 through 24.0.0, specific multithreaded implementations may encounter memory issues as threads are not properly cleaned up after requests are completed. Over time, this can degrade performance and...

5.3CVSS6.7AI score0.00049EPSS

Cvelist•added 2025/12/10 9:46 p.m.•14 views

CVE-2025-66033 Improper Memory Cleanup in the Okta Java SDK

5.3CVSS0.00049EPSS

Vulnrichment•added 2025/12/10 9:46 p.m.•2 views

CVE-2025-66033 Improper Memory Cleanup in the Okta Java SDK

5.3CVSS6.4AI score0.00049EPSS

OSV•added 2025/12/10 9:30 p.m.•12 views

GHSA-QHR6-6CGV-6638 Improper Memory Cleanup in the Okta Java SDK

Description In the Okta Java SDK, specific multithreaded implementations may encounter memory issues as threads are not properly cleaned up after requests are completed. Over time, this can degrade performance and availability in long-running applications and may result in a denial-of-service...

5.3CVSS6.8AI score0.00049EPSS

Exploits0References4

Github Security Blog•added 2025/12/10 9:30 p.m.•17 views

Improper Memory Cleanup in the Okta Java SDK

5.3CVSS6.9AI score0.00049EPSS

Exploits0References4Affected Software1

Cvelist•added 2025/11/03 9:18 p.m.•10 views

CVE-2025-36172 Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for 24.0.0-IF007, 24.0.1-IF005 and 25.0.0-IF002

IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 001, 24.0.1 through 24.0.1 Interim Fix 004, 24.0.0 through 24.0.0 Interim Fix 006, and earlier unsupported releases IBM Business Automation Workflow is vulnerable to stored cross-site scripting. This vulnerability allows an...

6.4CVSS0.00021EPSS

EUVD•added 2025/11/03 6:31 p.m.•0 views

EUVD-2025-37490

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an attacker to access unauthorized content or perform unauthorized actions using man in the middle techniques due to improper access controls...

4.8CVSS6.1AI score0.00023EPSS

EUVD•added 2025/11/03 6:31 p.m.•3 views

EUVD-2025-37500

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause a denial of service due to the improper validation of input length...

6.5CVSS5.9AI score0.00086EPSS

Cvelist•added 2025/11/03 3:15 p.m.•6 views

CVE-2025-36092 IBM Business Automation Insights improper input validation

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause a denial of service due to the improper validation of input length...

6.5CVSS0.00086EPSS

Cvelist•added 2025/11/03 3:14 p.m.•2 views

CVE-2025-36091 IBM Business Automation Insights unverified ownership

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment...

4.3CVSS0.00039EPSS

Positive Technologies•added 2025/11/03 12:0 a.m.•3 views

PT-2025-44769

Name of the Vulnerable Software and Affected Versions IBM Cloud Pak For Business Automation versions 25.0.0, 24.0.1, and 24.0.0 Description IBM Cloud Pak For Business Automation may allow an authenticated user to cause a denial of service. This is due to improper validation of input length...

6.5CVSS6.3AI score0.00086EPSS

Positive Technologies•added 2025/11/03 12:0 a.m.•4 views

PT-2025-44780

Name of the Vulnerable Software and Affected Versions IBM Cloud Pak For Business Automation versions 25.0.0, 24.0.1, and 24.0.0 Description IBM Cloud Pak For Business Automation may allow an attacker to access unauthorized content or perform unauthorized actions through man-in-the-middle techniqu...

7.4CVSS6.2AI score0.00023EPSS

CNNVD•added 2025/11/03 12:0 a.m.•1 views

IBM Cloud Pak for Business Automation 安全漏洞

IBM Cloud Pak for Business Automation is a suite of modular, integrated software components for any type of hybrid cloud environment, designed to accelerate business growth and improve operational efficiency by automating technologies that enable digital transformation of business processes. A...

6.5CVSS7.1AI score0.00086EPSS