Lucene search
+L

7 matches found

Atlassian
Atlassian
added 2026/04/08 10:29 p.m.26 views

RCE (Remote Code Execution) org.yaml:snakeyaml Dependency in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian Jira Service Management dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity RCE Remote Code Execution vulnerability was introduced in versions 11.3.3 of Jira Service Management Data...

9.8CVSS7.5AI score0.99615EPSS
Exploits10
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/02 5:43 p.m.8 views

Security Bulletin: Rational Performance Tester contains a vulnerability related to use of the Netty framework

Summary Due to the use of Netty, Rational Performance Tester contains a vulnerability which could result in an Out of Memory OOM condition. CVE-2025-58057 Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid...

7.5CVSS6.5AI score0.00561EPSS
Exploits1Affected Software1
Snyk
Snyk
added 2025/09/26 2:27 p.m.5 views

Improper Encoding or Escaping of Output

Overview get-jwks is a Fetch utils for JWKS keys Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the getPublicKey process. An attacker can bypass issuer validation and gain unauthorized access by poisoning the JWKS cache with a crafted public key an...

9.4CVSS6.9AI score
Exploits0References2
OSV
OSV
added 2024/02/06 5:15 p.m.4 views

CVE-2024-1252

A vulnerability classified as critical was found in Tongda OA 2017 up to 11.9. Affected by this vulnerability is an unknown functionality of the file /general/attendance/manage/askduty/delete.php. The manipulation of the argument ASKDUTYID leads to sql injection. The exploit has been disclosed to...

9.8CVSS5.5AI score0.00651EPSS
Exploits1References3
Snyk
Snyk
added 2023/11/21 12:37 p.m.3 views

Observable Discrepancy

Overview jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Observable Discrepancy via the RSA PKCS1.5 or RSAOAEP decryption process. An attacker can decrypt ciphertexts by exploiting the Marvin security flaw. Exploiting this vulnerabili...

7.5CVSS6.9AI score0.0096EPSS
Exploits1References2
OSV
OSV
added 2023/11/09 7:15 p.m.5 views

CVE-2023-6054

A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file general/wiki/cp/manage/lock.php. The manipulation of the argument TERMIDSTR leads to sql injection. The exploit has been disclosed to the public and may be used...

9.8CVSS5.5AI score0.00932EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/09/16 5:31 a.m.4 views

Trend Micro Internet Security vulnerability where files may be excluded as scan targets

Overview Trend Micro Internet Security provided by Trend Micro Incorporated contains a vulnerability where arbitrary files or folders may be excluded as scan targets when the conditions below are met. An attacker can place a specific file into the system The attacker can execute a specific API fr...

4.7CVSS6.9AI score
Exploits0References3
Rows per page
Query Builder