CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

46 matches found

IBM Security Bulletins•added 2026/05/19 7:19 p.m.•14 views

Security Bulletin: DevOps Test Performance contains vulnerabilities related to use of netty-codec-http

Summary Due to use of netty-codec-http, DevOps Test Performance and Rational Performance Tester contain potential HTTP Request Smuggling and Uncontrolled Resource Consumption vulnerabilities. Vulnerability Details CVEID:CVE-2026-42580 DESCRIPTION: Netty is an asynchronous, event-driven network...

9.8CVSS6AI score0.00018EPSS

Exploits5Affected Software1

IBM Security Bulletins•added 2026/05/18 11:41 a.m.•10 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of netty-handler-proxy

Summary Due to use of netty-handler-proxy, DevOps Test Performance and Rational Performance Tester contain a potential header injection vulnerability. Vulnerability Details CVEID:CVE-2026-42578 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Fina...

7.5CVSS5.9AI score0.0001EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/05/13 1:52 p.m.•7 views

Security Bulletin: DevOps Test Performance contains vulnerabilities related to use of Eclipse Jetty

Summary Due to use of Eclipse Jetty, DevOps Test Performance and Rational Performance Tester contain potential input validation, information exposure, integer overflow, memory allocation, HTTP parsing, and URI authority validation vulnerabilities. Vulnerability Details CVEID:CVE-2022-2047...

7.5CVSS6.9AI score0.04575EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2026/05/12 5:31 p.m.•5 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of netty-codec-http

Summary Due to use of netty-codec-http, DevOps Test Performance and Rational Performance Tester contain a potential CRLF injection vulnerability. Vulnerability Details CVEID:CVE-2026-41417 DESCRIPTION: Netty allows request-line validation to be bypassed when a DefaultHttpRequest or...

5.3CVSS5.8AI score0.0002EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/04/22 2:51 p.m.•1 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of AsyncHttpClient

Summary Due to use of AsyncHttpClient, DevOps Test Performance and Rational Performance Tester contain a potential vulnerability where Authorization/Proxy-Authorization headers are improperly leaked. Vulnerability Details CVEID:CVE-2026-40490 DESCRIPTION: The AsyncHttpClient AHC library allows Ja...

6.8CVSS6AI score0.00071EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/22 12:13 p.m.•3 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the path-to-regexp library

Summary Due to use of the path-to-regexp library, DevOps Test Performance and Rational Performance Tester contain a potential Regular Expression Denial of Service ReDoS vulnerability. Vulnerability Details CVEID:CVE-2026-4923 DESCRIPTION: Impact: When using multiple wildcards, combined with at...

7.5CVSS5.8AI score0.00019EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/21 5:5 p.m.•3 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the path-to-regexp package

Summary Due to use of the path-to-regexp package, DevOps Test Performance and Rational Performance Tester contain a potential Regular Expression Denial of Service ReDoS vulnerability. Vulnerability Details CVEID:CVE-2026-4867 DESCRIPTION: Impact: A bad regular expression is generated any time you...

7.5CVSS5.8AI score0.00018EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/20 2:26 p.m.•3 views

Security Bulletin: DevOps Test Performance contains a vulnerability due to use of Spring Boot

Summary Due to use of Spring Boot, DevOps Test Performance and Rational Performance Tester contain a potential authentication bypass vulnerability. Vulnerability Details CVEID:CVE-2026-22731 DESCRIPTION: Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass"...

8.2CVSS5.8AI score0.00036EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/20 2:23 p.m.•3 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of Spring Framework MVC and WebFlux

Summary Due to use of Spring Framework MVC and WebFlux, DevOps Test Performance and Rational Performance Tester contain a potential stream corruption vulnerability. Vulnerability Details CVEID:CVE-2026-22735 DESCRIPTION: Spring MVC and WebFlux applications are vulnerable to stream corruption when...

2.6CVSS5.8AI score0.00092EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/20 2:13 p.m.•4 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use Apache CXF

Summary Due to use of Apache CXF, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-23184 DESCRIPTION: A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10...

7.5CVSS5.7AI score0.0031EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/20 1:44 p.m.•3 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Undertow web server

Summary Due to use of the Undertow web server, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-9784 DESCRIPTION: A flaw was found in Undertow where malformed client requests can trigger server-si...

7.5CVSS5.7AI score0.02234EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/04/20 1:40 p.m.•2 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of Apache Commons Lang

Summary Due to use of Apache Commons Lang, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apach...

5.3CVSS5.7AI score0.00099EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 7:15 p.m.•1 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Spring Framework

Summary Due to use of the Spring Framework, DevOps Test Performance and Rational Performance Tester contain a potential path traversal vulnerability. Vulnerability Details CVEID:CVE-2026-22737 DESCRIPTION: Use of Java scripting engine enabled e.g. JRuby, Jython template views in Spring MVC and...

5.9CVSS5.7AI score0.00096EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 6:51 p.m.•7 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Netty framework

Summary Due to use of the Netty framework, DevOps Test Performance and Rational Performance Tester contain a potential HTTP request smuggling vulnerability. Vulnerability Details CVEID:CVE-2026-33870 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions...

7.5CVSS5.7AI score0.00028EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/04/17 6:48 p.m.•2 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the brace-expansion Node.js library

Summary Due to use of the brace-expansion Node.js library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2026-33750 DESCRIPTION: The brace-expansion library generates arbitrary strings containing a...

7.5CVSS5.8AI score0.00028EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 6:45 p.m.•3 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of yaml JavaScript library

Summary Due to use of the yaml JavaScript library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2026-33532 DESCRIPTION: yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document...

4.3CVSS5.9AI score0.00025EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/04/17 1:50 p.m.•4 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Undertow web server library

Summary Due to use of the Undertow web server library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2026-3260 DESCRIPTION: A flaw was found in Undertow. A remote attacker could exploit this...

7.5CVSS5.7AI score0.00494EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 1:47 p.m.•1 views

Security Bulletin: DevOps Test Performance contains vulnerabilities related to use of the Lodash JavaScript library

Summary Due to use of the Lodash JavaScript library, DevOps Test Performance and Rational Performance Tester contain potential Prototype Pollution and Arbitrary Code Injection vulnerabilities. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are...

7.9CVSS6.6AI score0.00028EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 1:44 p.m.•3 views

Security Bulletin: DevOps Test Performance contains vulnerabilities related to use of the Lodash JavaScript library

Summary Due to use of the Lodash JavaScript library, DevOps Test Performance and Rational Performance Tester contain potential Arbitrary Code Injection and Prototype Pollution vulnerabilities. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are...

9.8CVSS7AI score0.00044EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 1:40 p.m.•2 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the jakarta.mail library

Summary Due to use of the jakarta.mail library, DevOps Test Performance and Rational Performance Tester contain a potential SMTP injection vulnerability. Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the \r and...

7.5CVSS6.6AI score0.00054EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by