4457 matches found
4coders-commons (>=0.0.1 <=0.0.2), @11ty/eleventy (=0.3.3) +3644 more potentially affected by CVE-2026-33916 via handlebars (>=4.0.0 <=4.7.8)
handlebars NPM version =4.0.0, =0.0.1, =0.1.0, =0.1.0, =0.0.11, =0.0.52, =0.1.0, =0.0.72, =0.1.0, =1.1.1, =0.0.0-3b548b7bf6ff6554f724240da3a11be924237e6c, =1.16.0, =1.16.0, =1.16.0, =2.4.4 and more Source cves: CVE-2026-33916 Source advisory: SNYK:JS-HANDLEBARS-15789775...
Security Bulletin: Multiple Security vulnerabilities affecting IBM Knowledge Catalog Standard Cartridge
Summary Multiple security vulnerabilities impacting IBM Knowledge Catalog Standard Cartridge. These vulnerabilities had been addressed and customers should update to the recommended version of the product at the earliest opportunity. Vulnerability Details CVEID:CVE-2025-36187 DESCRIPTION: IBM...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons Lang (CVE-2025-48924)
Summary A vulnerability in Apache Commons Lang that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.0.1.15)
The version of AOS installed on the remote host is prior to 7.0.1.15. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.0.1.15 advisory. - urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTT...
Exploit for Missing Authorization in Scshr Hr_Portal
CVE-2025-48734: Apache Commons BeanUtils – enum declaredClass...
OESA-2026-1690 mchange-commons security update
General tool, part of c3p0. Security Fixes: mchange-commons-java, a library that provides Java utilities, includes code that mirrors early implementations of JNDI functionality, including support for remote factoryClassLocation values, by which code can be downloaded and invoked within a running...
Security Bulletin: StackOverflowError Denial-of-Service Vulnerability in Apache Commons Lang ClassUtils.getClass() Due to Uncontrolled Recursion affects watsonx.data
Summary Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass... can throw StackOverflowError on very lo...
Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to a StackOverflowError CVE-2025-48924
Summary Apache Commons is used by the IBM Datapower Operations Dashboard in their Java components utility operations Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...
Exploit for Code Injection in Apache Commons_Text
CVE-2022-42889 Text4Shell Report Apache Commons Text CVE-2...
[SECURITY] Fedora 42 Update: libmaxminddb-1.13.1-1.fc42
The libmaxminddb library provides a C library for reading MaxMind DB files, including the GeoIP2 databases from MaxMind. This is a custom binary format designed to facilitate fast lookups of IP addresses while allowing for great flexibility in the type of data associated with an address. The...
Malicious code in @sky-it-livedata-libraries/livedata-commons-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23622be0c1860486eed767780c0a0de0a46b5b0a736cd99a08ecba95fd57c411 The package @sky-it-livedata-libraries/livedata-commons-client was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1373 Malicious code in @sky-it-livedata-libraries/livedata-commons-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23622be0c1860486eed767780c0a0de0a46b5b0a736cd99a08ecba95fd57c411 The package @sky-it-livedata-libraries/livedata-commons-client was found to contain malicious code. Source: ghsa-malware...
Malicious code in @sky-it-livedata-libraries/livedata-commons (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20bdbc3cff45e6eac27e84e332d4efa6ad06a4d593b15610a99115bac25d2931 The package @sky-it-livedata-libraries/livedata-commons was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1372 Malicious code in @sky-it-livedata-libraries/livedata-commons (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20bdbc3cff45e6eac27e84e332d4efa6ad06a4d593b15610a99115bac25d2931 The package @sky-it-livedata-libraries/livedata-commons was found to contain malicious code. Source: ghsa-malware...
Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect
CVE-2023-43208 — Mirth Connect RCE !Pythonhttps://img.shie...
Security Bulletin: IBM Security Directory Suite is affected by multiple vulnerabilities (CVE-2025-48976, CVE-2025-36047, CVE-2025-53066, CVE-2025-53057)
Summary IBM Security Directory Suite is affected by WebSphere Liberty vulnerabilities CVE‑2025‑48976, CVE‑2025‑36047 and Java vulnerabilities CVE‑2025‑53066, CVE‑2025‑53057. These vulnerabilities have been addressed with an update. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An...
Important: Red Hat Security Advisory: Red Hat build of Debezium 3.2.7 release
Red Hat build of Debezium connectors in version 3.2.7 are now available for Red Hat Application Foundations. Debezium is a distributed platform that turns your existing databases into event streams, so applications can see and respond immediately to each row-level change in the databases. Debeziu...
openSUSE 15 Security Update : c3p0 and mchange-commons (SUSE-SU-2026:0855-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0855-1 advisory. c3p0: - Security issues fixed: - CVE-2026-27830: Fixed unsafe object deserialization bsc1258942 - Fix the null pointer exception in the...
openSUSE Security Advisory (SUSE-SU-2026:0855-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exploit for Code Injection in Apache Commons_Text
No d...