Lucene search
K

9 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Batik

A vulnerability in Batik of Apache XML Graphics allows an attacker to execute untrusted Java code from an SVG. This issue affects Apache XML Graphics versions prior to 1.16. It is recommended to update to version 1.16...

7.5CVSS7.7AI score0.02143EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-5293

Malware in sbrugna...

10CVSS6AI score0.02779EPSS
Exploits1References13
CVE
CVE
added 2025/10/02 12:23 p.m.13 views

CVE-2025-11239

KNIME Business Hub vulnerability CVE-2025-11239 is about exposure of potentially sensitive job information to all team members in versions before 1.16.0. KNIME states that starting with 1.16.0 only metadata of jobs is visible to team members, while the creator of a job can see all information, in...

4.3CVSS6.2AI score0.00194EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/10/02 12:0 a.m.24 views

CVE-2025-49090

The CVE-2025-49090 entry concerns the Matrix specification prior to 1.16, specifically room version before 12 and State Resolution before 2.1, which is reported to have deficient state resolution. The issue is documented across multiple feeds (RH, OSV, NVD, CVE list, Alpine, etc.) with linked adv...

7.1CVSS6.8AI score0.00421EPSS
Exploits0References4
OSV
OSV
added 2022/10/25 5:15 p.m.5 views

UBUNTU-CVE-2022-42890

A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16...

7.5CVSS7.1AI score0.0232EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/10/25 12:0 a.m.4 views

Apache XML Graphics Batik 代码问题漏洞

Apache XML Graphics Batik is a suite of Java-based applications from the Apache Foundation that are primarily used to process images in SVG format. A security vulnerability exists in versions of Apache XML Graphics prior to 1.16 that stems from a problem with Batik that allows an attacker to run...

7.5CVSS7.5AI score0.0232EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2022/04/12 12:0 a.m.4 views

PT-2022-19390 · Jenkins · Jenkins Publish Over Ftp Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Publish Over FTP Plugin versions 1.16 and earlier Description: A cross-site request forgery CSRF issue allows attackers to connect to an FTP server using attacker-specified credentials. Recommendations: For Jenkins Publish Over FTP...

8.8CVSS8.6AI score0.00697EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2021/11/08 6:15 a.m.2 views

CVE-2021-41772

Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field...

7.5CVSS7.2AI score0.03051EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2019/12/17 2:18 a.m.4 views

kubernetes: Bearer tokens written to logs at high verbosity levels (>= 7)

The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components such as kube-apiserver prior to v1.16.0, which make use of basic or bearer token authentication, and run ...

6.5CVSS6.6AI score0.01766EPSS
Exploits0References4
Rows per page
Query Builder