Lucene search
+L

154 matches found

OSV
OSV
added 2025/10/15 5:25 p.m.5 views

CVE-2025-62371 OpenSearch Data Prepper plugins trusts all SSL certificates by default

OpenSearch Data Prepper as an open source data collector for observability data. In versions prior to 2.12.2, the OpenSearch sink and source plugins in Data Prepper trust all SSL certificates by default when no certificate path is provided. Prior to this fix, the OpenSearch sink and source plugin...

7.4CVSS6.7AI score0.00182EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/10/15 12:0 a.m.7 views

PT-2025-42388

Name of the Vulnerable Software and Affected Versions OpenSearch Data Prepper versions prior to 2.12.2 Description OpenSearch Data Prepper is an open source data collector for observability data. The OpenSearch sink and source plugins in Data Prepper trust all SSL certificates by default when no...

7.4CVSS6.4AI score0.00182EPSS
Exploits0References14
Veracode
Veracode
added 2025/09/04 12:55 p.m.6 views

Allocation Of Resources Without Limits

Bouncy Castle is vulnerable to Allocation Of Resources Without Limits. The vulnerability is due to improper resource management due to excessive allocation in PKIX certificate path review components...

6.3CVSS7AI score0.00461EPSS
Exploits0References6Affected Software4
Snyk
Snyk
added 2025/08/13 9:52 a.m.7 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An attacker can cause excessive resource allocation by submitting specially crafted ASN.1...

6.3CVSS6.8AI score0.00461EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/13 9:52 a.m.8 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An attacker can cause excessive resource allocation by submitting specially crafted ASN.1...

6.3CVSS6.8AI score0.00461EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/13 9:52 a.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An attacker can cause excessive resource allocation by submitting specially crafted ASN.1...

6.3CVSS6.8AI score0.00461EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/13 9:52 a.m.1 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An attacker can cause excessive resource allocation by submitting specially crafted ASN.1...

6.3CVSS6.8AI score0.00461EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/13 9:52 a.m.1 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An attacker can cause excessive resource allocation by submitting specially crafted ASN.1...

6.3CVSS6.8AI score0.00461EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/13 9:52 a.m.11 views

Allocation of Resources Without Limits or Throttling

Overview org.bouncycastle:bcprov-jdk15on is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An attack...

6.3CVSS6.8AI score0.00461EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/13 9:52 a.m.11 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An attacker can cause excessive resource allocation by submitting specially crafted ASN.1...

6.3CVSS6.8AI score0.00461EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/13 9:52 a.m.10 views

Allocation of Resources Without Limits or Throttling

Overview org.bouncycastle:bcprov-jdk16 is a Bouncy Castle Crypto package that is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.6. Affected versions of this package are vulnerable to Allocatio...

6.3CVSS6.8AI score0.00461EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/13 9:52 a.m.8 views

Allocation of Resources Without Limits or Throttling

Overview org.bouncycastle:bcprov-ext-jdk14 is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An...

6.3CVSS6.8AI score0.00461EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.6 views

PT-2025-32978

Name of the Vulnerable Software and Affected Versions: Bouncy Castle for Java versions 1.44 through 1.78 BCPKIX FIPS versions 1.0.0 through 1.0.7 BCPKIX FIPS versions 2.0.0 through 2.0.7 Description: The Bouncy Castle for Java cryptographic libraries contain a vulnerability related to excessive...

9.8CVSS6.8AI score0.0326EPSS
Exploits1References222
CNNVD
CNNVD
added 2024/10/08 12:0 a.m.8 views

Siemens SINEC Security Monitor 路径遍历漏洞

SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production processes at customer sites. A path traversal vulnerability exists in Siemens SINEC Security Monitor that originates from not properly validating the...

6.9CVSS6.8AI score0.00551EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.30 views

RHEL 7 : java-1.8.0-ibm (RHSA-2024:0879)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0879 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

5.9CVSS6.5AI score0.014EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2024/03/14 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2024-0056)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.014EPSS
Exploits0References5
Mageia
Mageia
added 2024/03/13 11:14 p.m.111 views

Updated java-17-openjdk packages fix security vulnerabilities

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: memory corruption issue on x8664 with AVX-512 8317121 CVE-2023-22025 OpenJDK: certificate path validation issue during client authentication...

7.5CVSS7.5AI score0.014EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/03/05 12:0 a.m.22 views

CentOS: Security Advisory for java-11-openjdk (CESA-2023:5736)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.4AI score0.014EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/02/20 8:59 a.m.68 views

Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

5.9CVSS6.4AI score0.014EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/02/20 8:59 a.m.4 views

OpenJDK: certificate path validation issue during client authentication (8309966)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise...

5.3CVSS7.3AI score0.014EPSS
Exploits0References4
Rows per page
Query Builder