com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak (=24.3.0.0), com.github.wnameless.spring.boot.up:spring-boot-up-keycloak-plugin (=24.3.0.0) +8 more potentially affected by CVE-2025-9162 via org.keycloak:keycloak-model-storage-services (>=24.0.0 <=24.0.5)

org.keycloak:keycloak-model-storage-services MAVEN version =24.0.0, =2.5.6-24.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.5 Source cves: CVE-2025-9162 Source advisory: OSV:GHSA-8HXP-QMPH-W5GQ...

CVE-2024-53954

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-53954

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-52990

Animate versions 23.0.8, 24.0.5 and earlier are affected by a Buffer Underwrite 'Buffer Underflow' vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to manipulate memory in such a way that they could execu...

PT-2024-9510 · Adobe · Animate

Name of the Vulnerable Software and Affected Versions: Animate versions 23.0.8, 24.0.5 and earlier Description: The issue is related to insufficient input validation, which could allow an attacker to execute arbitrary code in the context of the current user. Exploitation of this issue requires us...

PT-2024-9509 · Adobe · Animate

Name of the Vulnerable Software and Affected Versions: Animate versions 23.0.8, 24.0.5 and earlier Description: The issue is related to an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issu...

PT-2024-9511 · Adobe · Animate

Name of the Vulnerable Software and Affected Versions: Animate versions 23.0.8, 24.0.5 and earlier Description: The issue is related to an Integer Overflow or Wraparound that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...

PT-2024-9494 · Adobe · Animate

Name of the Vulnerable Software and Affected Versions: Animate versions 23.0.8, 24.0.5 and earlier Description: The issue is related to an Integer Underflow Wrap or Wraparound that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires use...

PT-2024-9498 · Adobe · Animate

Name of the Vulnerable Software and Affected Versions: Adobe Animate versions 23.0.8, 24.0.5 and earlier Description: The issue is related to an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of thi...

PT-2024-9512 · Adobe · Animate

Name of the Vulnerable Software and Affected Versions: Animate versions 23.0.8, 24.0.5 and earlier Description: The issue is related to an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...

com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17), com.charlyghislain.keycloak:keycloak-importexport (>=11.0.1 <=23.0.1) +130 more potentially affected by CVE-2024-10270 via org.keycloak:keycloak-services (>=10.0.0 <=24.0.5)

org.keycloak:keycloak-services MAVEN version =10.0.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.0.1, =1.0.2 - com.kleegroup.accelerator:accelerator-security-keycloakmfa =1.0.1 and more Source cves: CVE-2024-10270 Source advisory:...

PT-2024-4295 · Red Hat · Keycloak

Name of the Vulnerable Software and Affected Versions: Keycloak versions prior to 24.0.5 Description: A flaw was found in Keycloak, where certain endpoints in Keycloak's admin REST API allow low-privilege users to access administrative functionalities. This issue presents a significant security...

Nextcloud Server < 23.0.10, 24.x < 24.0.5 DoS Vulnerability (GHSA-m92j-xxc8-hq3v)

Nextcloud Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Code injection

Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.10 and 24.0.5, calendar name lengths are not validated before writing to a database. As a result, an attacker can send unnecessary amounts of data against the database. Version 23.0.10 and 24.0.5 contain patches for...

CVE-2022-41968 Nextcloud Server's calendar name length not validated before writing to database

Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.10 and 24.0.5, calendar name lengths are not validated before writing to a database. As a result, an attacker can send unnecessary amounts of data against the database. Version 23.0.10 and 24.0.5 contain patches for...

PT-2022-26191 · Nextcloud +1 · Nextcloud Server +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 23.0.10 Nextcloud Server versions prior to 24.0.5 Description: The issue arises from the lack of validation of calendar name lengths before they are written to a database. This allows an attacker to send...

CVE-2022-39329

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 23.0.9 and 24.0.5 are vulnerable to exposure of information that cannot be controlled by administrators without direct database acces...

PT-2022-24902 · Nextcloud +1 · Nextcloud Enterprise Server +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 23.0.9 Nextcloud Enterprise Server versions prior to 24.0.5 Description: The issue concerns exposure of information that cannot be controlled by administrators without direct database access. This affects...

CVE-2022-39364 Exception logging in Sharepoint app reveals clear-text connection details

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. In Nextcloud Server prior to versions 23.0.9 and 24.0.5 and Nextcloud Enterprise Server prior to versions 22.2.10.5, 23.0.9, and 24.0.5 an attacker reading nextcloud.log may gain knowledge of...

Nextcloud 安全漏洞

Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud Germany. A security vulnerability exists in Nextcloud Server, Nextccloud Enterprise Server versions prior to 24.0.5. An attacker could exploit the vulnerability to...