Lucene search
K

7486 matches found

vulnersOsv
vulnersOsv
added 2023/02/23 9:30 p.m.6 views

br.com.labbs:quarkus-monitor (>=0.1.5 <=0.3.0), br.com.labbs:quarkus-monitor-deployment (>=0.1.5 <=0.3.0) +1517 more potentially affected by CVE-2023-0044 via io.quarkus:quarkus-vertx-http (>=0.23.0 <=2.13.6.Final)

io.quarkus:quarkus-vertx-http MAVEN version =0.23.0, =0.1.5, =0.1.5, =1.0.2, =1.0.2, =1.0.2, =1.0.132, =1.0.132, =1.0.133, =1.0.42, =1.0.42, =1.0.42, =1.0.22, =1.0.22, =1.0.30 and more Source cves: CVE-2023-0044 Source advisory: OSV:GHSA-C57V-HC7M-8PX2...

6.1CVSS6.2AI score0.0055EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/02/23 6:25 a.m.3 views

Python Developers Warned of Trojanized PyPI Packages Mimicking Popular Libraries

Cybersecurity researchers are warning of "imposter packages" mimicking popular libraries available on the Python Package Index PyPI repository. The 41 malicious PyPI packages have been found to pose as typosquatted variants of legitimate modules such as HTTP, AIOHTTP, requests, urllib, and urllib...

6.6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2023/02/23 12:1 a.m.7 views

jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin

A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...

9.9CVSS7.6AI score0.01428EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/02/23 12:1 a.m.6 views

jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin

A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...

9.9CVSS6.1AI score0.01161EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/02/23 12:1 a.m.6 views

jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin

A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...

9.9CVSS6.1AI score0.01095EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/02/23 12:1 a.m.4 views

jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin

A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...

9.9CVSS7.6AI score0.01211EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/02/23 12:1 a.m.5 views

jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin

A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...

9.9CVSS7.6AI score0.01095EPSS
Exploits0References5
Spring Security Advisories
Spring Security Advisories
added 2023/02/23 12:0 a.m.15 views

From Spring Native to Spring Boot 3

Today, we are finishing to transition the Spring support for building native executables from the experimental Spring Native project to the official Spring Boot GraalVM native image support. In practice, that means we are archiving the Spring Native GitHub repository and moving it to the...

7.4AI score
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 8:2 p.m.69 views

K53146535: Multiple Sun Java vulnerabilities

Security Advisory Description CVE-2013-5870 Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. CVE-2013-5878 Unspecified vulnerability in Oracle Java SE 6u65 and...

10CVSS7.5AI score0.08383EPSS
Exploits2
F5 Networks
F5 Networks
added 2023/02/21 8:0 p.m.51 views

K76444020: OpenJDK vulnerabilities CVE-2019-2933 and CVE-2019-2958

Security Advisory Description CVE-2019-2933 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows...

5.9CVSS5.1AI score0.02638EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 7:59 p.m.54 views

K15745: Multiple Oracle Java vulnerabilities

Security Advisory Description CVE-2014-6513 Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. CVE-2014-6532 Unspecified vulnerability in Oracle Jav...

10CVSS6.8AI score0.05639EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 7:56 p.m.138 views

K07519400: Java SE vulnerabilities CVE-2019-2602, CVE-2019-2698, CVE-2019-2945, and CVE-2019-2962

Security Advisory Description CVE-2019-2602 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows...

8.1CVSS6AI score0.12013EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 7:56 p.m.82 views

K40521234: Multiple Oracle Java SE vulnerabilities

Security Advisory Description CVE-2016-3458 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA. CVE-2016-3498 Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remot...

9.6CVSS6.8AI score0.0669EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 7:54 p.m.65 views

K17848347: Oracle Java vulnerabilities CVE-2019-2422, CVE-2019-2449, and CVE-2019-2540

Security Advisory Description CVE-2019-2422 Vulnerability in the Java SE component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with...

6.1CVSS6.3AI score0.03468EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 7:31 p.m.59 views

K16352: Multiple OpenJDK vulnerabilities

Security Advisory Description CVE-2015-0383 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. CVE-2014-6601...

10CVSS6.8AI score0.67234EPSS
Exploits5
F5 Networks
F5 Networks
added 2023/02/21 7:30 p.m.45 views

K17079: Java SE vulnerabilities CVE-2015-2590 and CVE-2015-4732

Security Advisory Description CVE-2015-2590 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than...

10CVSS5AI score0.25714EPSS
Exploits0Affected Software19
F5 Networks
F5 Networks
added 2023/02/21 7:25 p.m.31 views

K2104: Buffer read overflow in DNS resolver libraries - CAN-2002-1146

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

5CVSS6.3AI score0.03279EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 7:7 p.m.44 views

K51591999: Multiple Java vulnerabilities CVE-2020-14562, CVE-2020-14573, CVE-2020-14578, CVE-2020-14579, CVE-2020-14581, CVE-2020-14593

Security Advisory Description CVE-2020-14562 Vulnerability in the Java SE product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols ...

7.4CVSS5.7AI score0.05166EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 7:1 p.m.67 views

K26555255: Multiple Java vulnerabilities CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830

Security Advisory Description CVE-2020-2781 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated...

8.3CVSS7AI score0.0623EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.55 views

K13655013: Java vulnerabilities CVE-2018-2825 and CVE-2018-2826

Security Advisory Description CVE-2018-2825 Vulnerability in the Java SE component of Oracle Java SE subcomponent: Libraries. The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

8.3CVSS7AI score0.04979EPSS
Exploits0
Rows per page
Query Builder