CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

56303 matches found

Redos•added 2026/02/16 12:0 a.m.•5 views

ROS-20260216-73-0035

A vulnerability in the AWT and JavaFX components of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting...

7.4CVSS5.6AI score0.00252EPSS

Exploits0

Redos•added 2026/02/16 12:0 a.m.•7 views

ROS-20260216-73-0036

7.4CVSS5.6AI score0.00252EPSS

Exploits0

Redos•added 2026/02/16 12:0 a.m.•6 views

ROS-20260216-73-0038

A vulnerability in the AWT and JavaFX components of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting...

7.4CVSS5.6AI score0.00252EPSS

Exploits0

Redos•added 2026/02/16 12:0 a.m.•8 views

ROS-20260216-73-0039

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause...

7.5CVSS5.6AI score0.00547EPSS

Exploits0

Redos•added 2026/02/16 12:0 a.m.•6 views

ROS-20260216-73-0041

7.5CVSS5.6AI score0.00547EPSS

Exploits0

Tenable Nessus•added 2026/02/14 12:0 a.m.•7 views

SUSE SLES15: java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc (SUSE-SU-2026:0504-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0504-1 advisory. - CVE-2026-21925: Fixed a vulnerability in the Oracle Java SE component RMI. bsc1257034 - CVE-2026-21932: Fixed a...

7.5CVSS6.5AI score0.00547EPSS

Exploits1References13

SUSE Linux•added 2026/02/13 2:24 p.m.•9 views

Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: CVE-2026-21925: Fixed a vulnerability in the Oracle Java SE component RMI. bsc1257034 CVE-2026-21932: Fixed a vulnerability in the Oracle Java SE component AWT and JavaFX. bsc1257036 CVE-2026-21933: Fixed a vulnerability in the Oracle...

7.5CVSS5.8AI score0.00547EPSS

Exploits1References18

OSV•added 2026/02/13 12:31 p.m.•5 views

GHSA-RP46-R563-JRC7 Apache Avro Java SDK is Vulnerable to Code Injection

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version 1.12.0. Users are recommended to upgrade to version 1.12.1 o...

6.9CVSS5.9AI score0.00602EPSS

Exploits0References9

Github Security Blog•added 2026/02/13 12:31 p.m.•9 views

Apache Avro Java SDK is Vulnerable to Code Injection

7.3CVSS5.5AI score0.00602EPSS

Exploits0References9Affected Software1

NVD•added 2026/02/13 12:16 p.m.•6 views

CVE-2025-33042

7.3CVSS0.00602EPSS

Exploits0References2

PyPA•added 2026/02/13 12:16 p.m.•9 views

PYSEC-2026-26

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas.This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version1.12.0.Users are recommended to upgrade to version 1.12.1 or...

7.3CVSS7.2AI score0.00602EPSS

Exploits0References2Affected Software1

OSV•added 2026/02/13 12:16 p.m.•6 views

CVE-2025-33042

7.3CVSS5.5AI score

Exploits0References2

OSV•added 2026/02/13 12:16 p.m.•11 views

PYSEC-2026-26

7.3CVSS7.2AI score0.00602EPSS

Exploits0References2

Cvelist•added 2026/02/13 11:47 a.m.•25 views

CVE-2025-33042 Apache Avro Java SDK: Code injection on Java generated code

0.00602EPSS

Exploits0References1

EUVD•added 2026/02/13 11:47 a.m.•7 views

EUVD-2025-206910

7.3CVSS5.5AI score0.00602EPSS

Exploits0References1

ATTACKERKB•added 2026/02/13 11:47 a.m.•5 views

CVE-2025-33042

5.5AI score0.00602EPSS

Exploits0References2Affected Software1

CVE•added 2026/02/13 11:47 a.m.•42 views

CVE-2025-33042

CVE-2025-33042 : Improper control of generation of code (Code Injection) in the Apache Avro Java SDK. Affects all versions up to 1.11.4 and 1.12.0; upgrading to 1.12.1 or 1.11.5 fixes the issue. CVSS v3.1 base score 7.3 (HIGH). Connected IBM advisories confirm the same vulnerability and the recom...

7.3CVSS5.5AI score0.00602EPSS

Exploits0References2Affected Software1

Rockylinux•added 2026/02/13 9:6 a.m.•12 views

java-25-openjdk security update

An update is available for java-25-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environme...

7.5CVSS6.3AI score0.00547EPSS

Exploits6

OSV•added 2026/02/13 9:6 a.m.•18 views

RLSA-2026:0933 Important: java-25-openjdk security update

The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpng:...

7.5CVSS5.9AI score0.00547EPSS

Exploits6References6

Positive Technologies•added 2026/02/13 12:0 a.m.•9 views

PT-2026-7986

Name of the Vulnerable Software and Affected Versions Apache Avro Java SDK versions through 1.11.4 and version 1.12.0 Description An Improper Control of Generation of Code 'Code Injection' issue exists in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. The flaw...

7.3CVSS5.8AI score0.00602EPSS

Exploits0References23

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by