8 matches found
com.io7m.jsay:com.io7m.jsay (=0.0.2), com.jkoolcloud.tnt4j.streams:tnt4j-streams-jms (>=1.14.2 <=2.3.0) +5 more potentially affected by CVE-2026-32642 via org.apache.activemq:artemis-openwire-protocol (>=2.0.0 <=2.4.0)
org.apache.activemq:artemis-openwire-protocol MAVEN version =2.0.0, =1.14.2, =0.1.0, =0.1.0, =2.0.0, =2.31.1, =2.29.0, =2.44.0 Source cves: CVE-2026-32642 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15791526...
Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.
...
io.kamon:kamon-opentsdb_2.10 (=0.6.7), io.kamon:kamon-opentsdb_2.11 (=0.6.7) +2 more potentially affected by CVE-2023-36812 via net.opentsdb:opentsdb (>=2.3.0 <=2.4.0)
net.opentsdb:opentsdb MAVEN version =2.3.0, =2.3.2, =2.4.0 Source cves: CVE-2023-36812 Source advisory: OSV:GHSA-76F7-9V52-V2FW...
CVE-2020-4430
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to download arbitrary files from the system. IBM X-Force ID: 180535...
ai.databand:dbnd-agent (>=0.42.1 <=0.80.6), ai.databand:dbnd-api-deequ (>=0.42.1 <=0.80.6) +1854 more potentially affected by CVE-2018-1000850 via com.squareup.retrofit2:retrofit (>=2.0.0 <=2.4.0)
com.squareup.retrofit2:retrofit MAVEN version =2.0.0, =0.42.1, =0.42.1, =0.40.2, =0.42.1, =1.4.2, =1.4.2, =1.4.2, =1.4.2, =1.4.2, =3.8.3.1, =3.8.2.1, =1.0.0, =1.0.0, =1.0.0, =1.1.0 and more Source cves: CVE-2018-1000850 Source advisory: OSV:GHSA-8P8G-F9VG-R7XR...
PT-2018-3433 · Grafana +1 · Grafana +1
Name of the Vulnerable Software and Affected Versions: Grafana versions 2.x through 4.x before 4.6.4 Grafana versions 5.x before 5.2.3 Description: The issue is related to authentication errors in the Grafana web tool, allowing an attacker to bypass authentication. This can be achieved by...
Botan Design Vulnerability (CNVD-2018-08488)
Botan is a library of cryptographic algorithms in the C++ programming language that supports AES, DES, SHA-1, RSA, DSA and Diffie-Hellman. A security vulnerability exists in Botan versions 2.2.0 through 2.4.0, which stems from the program failing to properly match wildcard certificates. An attack...
ALPINE-CVE-2018-9127
Botan 2.2.0 - 2.4.0 fixed in 2.5.0 improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must alrea...