112 matches found
com.coveo:saml-client (>=3.0.0 <=4.0.3), com.cybersource:cybersource-sdk-java (>=6.0.1 <=6.1.0) +203 more potentially affected by CVE-2014-8152 via org.apache.santuario:xmlsec (>=2.0.0 <=2.0.2)
org.apache.santuario:xmlsec MAVEN version =2.0.0, =3.0.0, =6.0.1, =0.0.1, =4.0.1 - com.googlecode.xades4j:xades4j =1.3.2 - com.helger:ph-ebinterface =3.1.0 and more Source cves: CVE-2014-8152 Source advisory: OSV:GHSA-W7CQ-J9P9-HM3M...
ai.idylnlp:idylnlp-models-deeplearning (>=1.0.0 <=1.1.0), ai.platon.pulsar:pulsar-agentic (>=4.5.0 <=4.6.0) +7150 more potentially affected by CVE-2020-14338 via xerces:xercesImpl (>=2.10.0 <=2.12.0)
xerces:xercesImpl MAVEN version =2.10.0, =1.0.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.7.0, =4.5.0, =4.5.0, =4.5.0, =4.1.3, =0.2, =0.3 - ai.stainless:grails-tika =0.1.0 and more Source cves: CVE-2020-14338 Source advisory: OSV:GHSA-W4JQ-QH47-HVJQ...
RPD:bmc-rpd (=1.1), ae.teletronics.nlp:entityextraction (>=1.3 <=1.4) +40374 more potentially affected by CVE-2022-23305 via log4j:log4j (>=1.1.3 <=1.2.17)
log4j:log4j MAVEN version =1.1.3, =1.3, =0.0.5, =1.0.0, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.2.10 and more Source cves: CVE-2022-23305 Source advisory: OSV:GHSA-65FG-84F6-3JQ3...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
🔍 Log4JShell Bytecode Detector Log4jShell Bytecode Detector i...
ai.apiverse:apipulse (>='1.0.3' <=1.0.20), ai.eto:rikai_2.12 (>=0.0.2 <=0.0.12) +5067 more potentially affected by CVE-2021-44228 via org.apache.logging.log4j:log4j-core (>=2.13.0 <=2.14.1)
org.apache.logging.log4j:log4j-core MAVEN version =2.13.0, ='1.0.3', =0.0.2, =2.1.0, =3.32.1.7, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =0.2.3, =0.2.4 and more Source cves: CVE-2021-44228 Source advisory: OSV:GHSA-JFH8-C2JP-5V3Q...
com.barchart.http:barchart-http-handlers (>=1.0.6 <=1.0.7), com.barchart.http:barchart-http-server (>=1.0.6 <=1.0.7) +14 more potentially affected by CVE-2021-37136 via io.netty:netty (>=4.0.0.Alpha1 <=4.0.0.Alpha8)
io.netty:netty MAVEN version =4.0.0.Alpha1, =1.0.6, =1.0.6, =0.3, =0.3, =0.2, =1.3.0, =1.0.0.Alpha1, =1.0.0.Alpha2 and more Source cves: CVE-2021-37136 Source advisory: OSV:GHSA-GRG4-WF29-R9VV...
ai.stainless:grails-tika (=0.1.0), au.com.turingg:turingg-files (=0.0.1) +1759 more potentially affected by CVE-2021-31811 via org.apache.pdfbox:pdfbox (>=2.0.0 <=2.0.23)
org.apache.pdfbox:pdfbox MAVEN version =2.0.0, =0.2.1, =0.5.0, =0.11.1, =1.0.0, =1.0, =1.3.5, =0.1.8, =1.1.7 - cc.drx:pdf2.13 =ee - cc.drx:poi2.13 =ee and more Source cves: CVE-2021-31811 Source advisory: OSV:GHSA-FG3J-Q579-V8X4...
ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.0 <=4.4.0.1), ai.databand.azkaban:azkaban-common (=3.18.0) +33447 more potentially affected by CVE-2017-18640 via org.yaml:snakeyaml (>=1.10 <=1.25)
org.yaml:snakeyaml MAVEN version =1.10, =4.4.0.0, =0.2, =0.2, =0.2, =0.2, =0.2, =0.2, =0.0.12, =0.1.8, =0.1.6, =0.1.7 and more Source cves: CVE-2017-18640 Source advisory: OSV:GHSA-RVWF-54QP-4R6V...
be.objectify:deadbolt-java_2.12 (=2.8.0), be.objectify:deadbolt-java_2.13 (=2.8.0) +871 more potentially affected by CVE-2020-10693 via org.hibernate.validator:hibernate-validator (>=6.1.0.Final <=6.1.4.Final)
org.hibernate.validator:hibernate-validator MAVEN version =6.1.0.Final, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.1.0 - ca.uhn.hapi.fhir:hapi-fhir-jpaserver-test-utilities =5.1.0 - cn.chenzw.toolkit:toolkit =1.0.3-a and more Source cves: CVE-2020-10693...
ca.uhn.hapi.fhir:hapi-fhir-base-test-jaxrsserver-kotlin (=5.6.5), com.cerner.beadledom:beadledom-client-example-client (>=4.0 <=4.1.2) +271 more potentially affected by CVE-2020-25633 via org.jboss.resteasy:resteasy-client (>=4.0.0.Beta1 <=4.5.6.Final)
org.jboss.resteasy:resteasy-client MAVEN version =4.0.0.Beta1, =4.0, =4.0, =4.0, =4.0, =4.0, =4.0, =4.0, =4.0, =4.0, =1.0.0, =1.0.2, =1.0.2, =1.0.4 and more Source cves: CVE-2020-25633 Source advisory: OSV:GHSA-HR32-MGPM-QF2F...
ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), ai.hyacinth.framework:core-service-discovery-server (>=0.5.0 <=0.5.24) +5661 more potentially affected by CVE-2021-21346 via com.thoughtworks.xstream:xstream (>=1.1.1 <=1.4.15)
com.thoughtworks.xstream:xstream MAVEN version =1.1.1, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =Finchley.SR4, =1.0.0.RELEASE, =1.1.0.RELEASE, =1.0.0.RELEASE, =1.1.1.RELEASE, =0.3.3, =0.4.0, =0.4.2 and more Source cves: CVE-2021-21346 Source advisory: OSV:GHSA-4HRM-M67V-5CXR...
OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136)
Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of th...
PT-2020-4502
Name of the Vulnerable Software and Affected Versions: Java SE versions 7u271, 8u261, 11.0.8, and 15; Java SE Embedded version 8u261. Description: The issue is related to insufficient input validation in the Libraries component of Java SE and Java SE Embedded, allowing an unauthenticated attacker wit...
ai.catboost:catboost-spark_4.0_2.13 (=1.2.10), ai.catboost:catboost-spark_4.1_2.13 (=1.2.10) +723 more potentially affected by CVE-2020-8929 via com.google.crypto.tink:tink (>=1.0.0 <=1.4.0)
com.google.crypto.tink:tink MAVEN version =1.0.0, =1.1.0, =1.1.0, =1.3.0-alpha07, =1.3.0-alpha07, =2.4.0, =2.4.0, =2.3.1, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.0, =2024.06.27.182436-67121fe, =0.1.0, =0.1.3-20210127.1838-76ab4fc and more Source cves: CVE-2020-8929 Source advisory:...
PT-2020-3534
Name of the Vulnerable Software and Affected Versions: Java SE versions 7u261, 8u251, 11.0.7, and 14.0.1; Java SE Embedded version 8u251. Description: The issue is related to insufficient input validation in the Libraries component of Oracle Java SE and Java SE Embedded. This can be exploited by an...
YSoSerial Payloads Remote Code Execution (CVE-2020-11518; CVE-2020-27130; CVE-2022-29936)
YSoSerial is a collection of utilities and property-oriented programming "gadget chains" discovered in common java libraries that can, under the right conditions, exploit Java applications performing unsafe deserialization of objects. Successful exploitation of unsafe deserialization objects coul...
africa.shuwari.sbt:sbt-js_2.12_1.0 (>=0.14.1 <=0.16.1), africa.shuwari.sbt:sbt-netbeans_2.12_1.0 (>=0.1.0 <=0.1.1) +23716 more potentially affected by CVE-2017-5645 via org.apache.logging.log4j:log4j-core (>=2.0 <=2.8.1)
org.apache.logging.log4j:log4j-core MAVEN version =2.0, =0.14.1, =0.1.0, =0.9.6, =0.12.0, =0.9.6, =0.9.6, =0.9.6, =0.9.6, =0.14.1, =0.9.6, =0.14.1, =4.4.0.0, =1.4.6, =1.4.6, =1.4.8 and more Source cves: CVE-2017-5645 Source advisory: OSV:GHSA-FXPH-Q3J8-MV87...
ai.chronon:aggregator_2.11 (>=0.0.1 <=thread_contention-0.0.23-dev3), ai.chronon:aggregator_2.12 (>=0.0.6 <=thread_contention-0.0.23-dev3) +5720 more potentially affected by CVE-2019-16943 via com.fasterxml.jackson.core:jackson-databind (>=2.9.0 <=2.9.10)
com.fasterxml.jackson.core:jackson-databind MAVEN version =2.9.0, =0.0.1, =0.0.6, =0.0.1, =local, =0.0.6, =0.0.1, =0.0.1, =0.0.6, =0.0.1, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.1.3-20200811-2e41939 - at.ac.ait:ariadne-json-route-format =1.0-java7 and more Source cves: CVE-2019-16943 Source advisory:...