Lucene search
+L

16 matches found

cve
cve
added 2026/06/29 4:2 p.m.24 views

CVE-2026-13749

Snowflake CLI prior to 3.19 is affected by Improper neutralization in the Snowpark annotation processor callback template, enabling arbitrary code execution during bundling or deployment. An attacker can supply crafted project content that is interpolated into generated Python code, causing code ...

8.8CVSS6.5AI score0.0037EPSS
Exploits0References1Affected Software1
vulnersosv
vulnersosv
added 2026/04/29 12:33 p.m.19 views

ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0), ai.telosforge:kimaira-starter-dms (>=1.2.4 <=1.2.6) +5116 more potentially affected by CVE-2026-22741 via org.springframework:spring-webmvc (>=6.2.0 <=6.2.17)

org.springframework:spring-webmvc MAVEN version =6.2.0, =0.5.0, =1.2.4, =1.2.4, =1.17.0, =0.3.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.8.1 and more Source cves: CVE-2026-22741 Source advisory: OSV:GHSA-WG35-8JPF-2XV3...

3.1CVSS5.7AI score0.00236EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/04/29 12:33 p.m.13 views

ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.7.4) +1846 more potentially affected by CVE-2026-22741 via org.springframework:spring-webmvc (>=7.0.0 <=7.0.6)

org.springframework:spring-webmvc MAVEN version =7.0.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0, =2.0.0, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22741 Source advisory: OSV:GHSA-WG35-8JPF-2XV3...

3.1CVSS5.7AI score0.00236EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/04/29 12:33 p.m.16 views

ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.7.4) +1846 more potentially affected by CVE-2026-22745 via org.springframework:spring-webmvc (>=7.0.0 <=7.0.6)

org.springframework:spring-webmvc MAVEN version =7.0.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0, =2.0.0, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22745 Source advisory: OSV:GHSA-6P4F-WCWH-5VVM...

5.3CVSS5.7AI score0.00341EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/04/21 9:31 p.m.9 views

br.com.archbase:archbase-annotation-processor (>=2.0.0 <=2.1.18), br.com.archbase:archbase-app-framework (>=2.0.0 <=2.1.18) +1590 more potentially affected by CVE-2026-22751 via org.springframework.security:spring-security-core (>=6.5.0 <=6.5.1)

org.springframework.security:spring-security-core MAVEN version =6.5.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.1.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.1.18 and more Source cves: CVE-2026-22751 Source advisory: OSV:GHSA-X2WQ-9X2F-FHJ7...

4.8CVSS5.7AI score0.00124EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/03/20 12:31 a.m.8 views

ai.wavemaker.app.build:wavemaker-app-build-maven-plugin (>=1.0.0-20260516144515 <=1.0.0.ee-20260528111216), ai.wavemaker.app.build:wavemaker-app-build-utils (>=1.0.0-20260516144515 <=1.0.0.ee-20260528111216) +2549 more potentially affected by CVE-2026-22732 via org.springframework.security:spring-security-web (>=6.5.0 <=6.5.8)

org.springframework.security:spring-security-web MAVEN version =6.5.0, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =0.1.0, =0.1.0, =0.1.0, =2.0.0, =2.0.0,...

9.1CVSS7.5AI score0.0048EPSS
Exploits2
vulnersosv
vulnersosv
added 2026/03/20 12:31 a.m.9 views

ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.6.0) +1565 more potentially affected by CVE-2026-22737 via org.springframework:spring-webmvc (>=7.0.0-M1 <=7.0.5)

org.springframework:spring-webmvc MAVEN version =7.0.0-M1, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0-beta-1, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22737 Source advisory: OSV:GHSA-4773-3JFM-QMX3...

5.9CVSS6AI score0.00385EPSS
Exploits1
vulnersosv
vulnersosv
added 2024/11/27 7:0 p.m.6 views

ai.langsa:ccaas-starter (>=cloud-0.1 <=cloud-0.2.1), be.mogo.generator:mogo-generator-model (=1.0.0.RELEASE) +439 more potentially affected by CVE-2024-49203 via com.querydsl:querydsl-apt (>=4.0.0 <=5.1.0)

com.querydsl:querydsl-apt MAVEN version =4.0.0, =cloud-0.1, =1.0.2.RELEASE, =1.0.0.RELEASE, =1.1.8.RELEASE, =1.1.5.RELEASE, =1.2.7.RELEASE, =1.0.0.RELEASE, =1.0.1, =1.0.1, =1.0.1, =2.0.1, =1.0.1, =1.0.1, =1.0.1, =2.1.18 and more Source cves: CVE-2024-49203 Source advisory: OSV:GHSA-6Q3Q-6V5J-H6VG...

5.7AI score0.00391EPSS
Exploits0
bdu_fstec
bdu_fstec
added 2024/10/10 12:0 a.m.8 views

The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader (formerly Foxit Reader), allows a perpetrator to execute arbitrary code.

The vulnerability of the annotation processor in the PDF viewer software, Foxit PDF Reader formerly Foxit Reader, is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created...

7.8CVSS8AI score0.0043EPSS
Exploits0References4Affected Software2
bdu_fstec
bdu_fstec
added 2024/10/10 12:0 a.m.6 views

The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader (formerly Foxit Reader), allows a perpetrator to execute arbitrary code.

The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader formerly Foxit Reader, is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially...

7.8CVSS7.6AI score0.00875EPSS
Exploits0References4Affected Software2
bdu_fstec
bdu_fstec
added 2024/10/10 12:0 a.m.8 views

The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader (formerly Foxit Reader), allows a perpetrator to disclose protected information.

The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader formerly Foxit Reader, is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected...

3.3CVSS6.8AI score0.00488EPSS
Exploits0References4Affected Software2
bdu_fstec
bdu_fstec
added 2024/10/10 12:0 a.m.10 views

The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader (formerly Foxit Reader), allows a perpetrator to disclose protected information.

The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader formerly Foxit Reader, is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to disclose protected information using a...

3.3CVSS6.4AI score0.00448EPSS
Exploits0References4Affected Software2
vulnersosv
vulnersosv
added 2024/07/09 12:31 a.m.9 views

app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:sharaf_3 (>=0.0.7 <=0.7.4) +974 more potentially affected by CVE-2024-3653 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.14.Final)

io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.0.7, =1.1.15, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.31 and more Source cves: CVE-2024-3653 Source advisory: OSV:GHSA-CH7Q-GPFF-H9HP...

5.3CVSS6.3AI score0.01866EPSS
Exploits0
github
github
added 2024/04/25 6:30 p.m.23 views

Quarkus: authorization flaw in quarkus resteasy reactive and classic

A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either...

6.5CVSS6.5AI score0.00458EPSS
Exploits0References10Affected Software2
nvd
nvd
added 2024/04/25 4:15 p.m.28 views

CVE-2023-5675

A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either...

6.5CVSS7.1AI score0.00458EPSS
Exploits0References4
fedora
fedora
added 2024/03/07 10:33 p.m.32 views

[SECURITY] Fedora 40 Update: jboss-logging-tools-2.2.1-17.fc40

This pacakge contains JBoss Logging I18n Annotation Processor...

8.8CVSS6.9AI score0.02578EPSS
Exploits3
Rows per page
Query Builder