br.com.labbs:quarkus-monitor (>=0.1.5 <=0.3.0), br.com.labbs:quarkus-monitor-deployment (>=0.1.5 <=0.3.0) +1517 more potentially affected by CVE-2023-0044 via io.quarkus:quarkus-vertx-http (>=0.23.0 <=2.13.6.Final)
io.quarkus:quarkus-vertx-http MAVEN version =0.23.0, =0.1.5, =0.1.5, =1.0.2, =1.0.2, =1.0.2, =1.0.132, =1.0.132, =1.0.133, =1.0.42, =1.0.42, =1.0.42, =1.0.22, =1.0.22, =1.0.30 and more Source cves: CVE-2023-0044 Source advisory: OSV:GHSA-C57V-HC7M-8PX2...
Python Developers Warned of Trojanized PyPI Packages Mimicking Popular Libraries
Cybersecurity researchers are warning of "imposter packages" mimicking popular libraries available on the Python Package Index (PyPI) repository. The 41 malicious PyPI packages have been found to pose as typosquatted variants of legitimate modules such as HTTP, AIOHTTP, requests, urllib, and urllib...
jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...
jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...
jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...
From Spring Native to Spring Boot 3
Today, we are finishing the transition of the Spring support for building native executables from the experimental Spring Native project to the official Spring Boot GraalVM native image support. In practice, that means we are archiving the Spring Native GitHub repository and moving it to the...
K53146535: Multiple Sun Java vulnerabilities
Security Advisory Description CVE-2013-5870 Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. CVE-2013-5878 Unspecified vulnerability in Oracle Java SE 6u65 and...
K76444020: OpenJDK vulnerabilities CVE-2019-2933 and CVE-2019-2958
Security Advisory Description CVE-2019-2933 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows...
K15745: Multiple Oracle Java vulnerabilities
Security Advisory Description CVE-2014-6513 Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. CVE-2014-6532 Unspecified vulnerability in Oracle Jav...
K07519400: Java SE vulnerabilities CVE-2019-2602, CVE-2019-2698, CVE-2019-2945, and CVE-2019-2962
Security Advisory Description CVE-2019-2602 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows...
K40521234: Multiple Oracle Java SE vulnerabilities
Security Advisory Description CVE-2016-3458 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA. CVE-2016-3498 Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remot...
K17848347: Oracle Java vulnerabilities CVE-2019-2422, CVE-2019-2449, and CVE-2019-2540
Security Advisory Description CVE-2019-2422 Vulnerability in the Java SE component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with...
K16352: Multiple OpenJDK vulnerabilities
Security Advisory Description CVE-2015-0383 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. CVE-2014-6601...
K17079: Java SE vulnerabilities CVE-2015-2590 and CVE-2015-4732
Security Advisory Description CVE-2015-2590 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than...
K2104: Buffer read overflow in DNS resolver libraries - CAN-2002-1146
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K51591999: Multiple Java vulnerabilities CVE-2020-14562, CVE-2020-14573, CVE-2020-14578, CVE-2020-14579, CVE-2020-14581, CVE-2020-14593
Security Advisory Description CVE-2020-14562 Vulnerability in the Java SE product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols ...
K26555255: Multiple Java vulnerabilities CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830
Security Advisory Description CVE-2020-2781 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated...
K13655013: Java vulnerabilities CVE-2018-2825 and CVE-2018-2826
Security Advisory Description CVE-2018-2825 Vulnerability in the Java SE component of Oracle Java SE subcomponent: Libraries. The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...