Lucene search
K

5829 matches found

Chainguard
Chainguard
added 19 hours ago6 views

CVE-2026-8643 vulnerabilities

Vulnerabilities for packages: wazuh-manager-fips, graalvm...

8CVSS7AI score0.0032EPSS
Exploits0
Chainguard
Chainguard
added 19 hours ago6 views

GHSA-WF93-45JW-7689 vulnerabilities

Vulnerabilities for packages: wazuh-manager-fips, graalvm...

6.1AI score
Exploits0
NVD
NVD
added 2026/06/30 7:17 p.m.10 views

CVE-2026-58138

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...

9.8CVSS0.00938EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/30 6:44 p.m.8 views

EUVD-2026-40377

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...

9.8CVSS6.6AI score0.00938EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/06/30 6:44 p.m.6 views

CVE-2026-58138

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...

9.8CVSS6.6AI score0.00938EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/06/30 6:44 p.m.29 views

CVE-2026-58138

CVE-2026-58138 affects Orkes Conductor 3.21.21 up to, but not including, 3.30.2. The vulnerability arises from unsandboxed GraalVM evaluators built with HostAccess.ALL (or allowAllAccess(true)) used by INLINE, LAMBDA, DO_WHILE, and SWITCH task types, enabling an unauthenticated attacker to submit...

9.8CVSS6.6AI score0.00938EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/30 6:44 p.m.33 views

CVE-2026-58138 Orkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script Evaluators

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...

9.8CVSS0.00938EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.9 views

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7277387)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7277387 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of...

7.5CVSS6AI score0.00702EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.11 views

TencentOS Server 4: java-17-konajdk (TSSA-2026:0329)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0329 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5CVSS7.5AI score0.00702EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.17 views

TencentOS Server 4: java-8-konajdk (TSSA-2026:0331)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0331 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5CVSS7.5AI score0.00702EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.16 views

TencentOS Server 4: java-11-konajdk (TSSA-2026:0330)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0330 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5CVSS7.5AI score0.00702EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.11 views

CVE-2026-22003

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged...

6CVSS7.4AI score0.00101EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.30 views

TencentOS Server 3: java-1.8.0-openjdk (TSSA-2026:0394)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0394 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS6AI score0.00702EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.38 views

TencentOS Server 3: java-17-openjdk (TSSA-2026:0395)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0395 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS6AI score0.00702EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.28 views

TencentOS Server 3: java-21-openjdk (TSSA-2026:0396)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0396 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS7.4AI score0.00702EPSS
Exploits0References9
Redos
Redos
added 2026/05/24 12:0 a.m.34 views

ROS-20260524-73-0012

A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

3.7CVSS7.2AI score0.00269EPSS
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.20 views

ROS-20260524-73-0011

A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

3.7CVSS7.2AI score0.00269EPSS
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.21 views

ROS-20260524-73-0008

A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...

5.3CVSS7.2AI score0.0028EPSS
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.58 views

ROS-20260524-73-0009

A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...

5.3CVSS7.2AI score0.0028EPSS
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.18 views

ROS-20260524-73-0010

A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...

5.3CVSS7.2AI score0.0028EPSS
Exploits0
Rows per page
Query Builder