16 matches found
CVE-2026-13749
Snowflake CLI prior to 3.19 is affected by Improper neutralization in the Snowpark annotation processor callback template, enabling arbitrary code execution during bundling or deployment. An attacker can supply crafted project content that is interpolated into generated Python code, causing code ...
ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0), ai.telosforge:kimaira-starter-dms (>=1.2.4 <=1.2.6) +5116 more potentially affected by CVE-2026-22741 via org.springframework:spring-webmvc (>=6.2.0 <=6.2.17)
org.springframework:spring-webmvc MAVEN version =6.2.0, =0.5.0, =1.2.4, =1.2.4, =1.17.0, =0.3.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.8.1 and more Source cves: CVE-2026-22741 Source advisory: OSV:GHSA-WG35-8JPF-2XV3...
ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.7.4) +1846 more potentially affected by CVE-2026-22741 via org.springframework:spring-webmvc (>=7.0.0 <=7.0.6)
org.springframework:spring-webmvc MAVEN version =7.0.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0, =2.0.0, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22741 Source advisory: OSV:GHSA-WG35-8JPF-2XV3...
ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.7.4) +1846 more potentially affected by CVE-2026-22745 via org.springframework:spring-webmvc (>=7.0.0 <=7.0.6)
org.springframework:spring-webmvc MAVEN version =7.0.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0, =2.0.0, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22745 Source advisory: OSV:GHSA-6P4F-WCWH-5VVM...
br.com.archbase:archbase-annotation-processor (>=2.0.0 <=2.1.18), br.com.archbase:archbase-app-framework (>=2.0.0 <=2.1.18) +1590 more potentially affected by CVE-2026-22751 via org.springframework.security:spring-security-core (>=6.5.0 <=6.5.1)
org.springframework.security:spring-security-core MAVEN version =6.5.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.1.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.1.18 and more Source cves: CVE-2026-22751 Source advisory: OSV:GHSA-X2WQ-9X2F-FHJ7...
ai.wavemaker.app.build:wavemaker-app-build-maven-plugin (>=1.0.0-20260516144515 <=1.0.0.ee-20260528111216), ai.wavemaker.app.build:wavemaker-app-build-utils (>=1.0.0-20260516144515 <=1.0.0.ee-20260528111216) +2549 more potentially affected by CVE-2026-22732 via org.springframework.security:spring-security-web (>=6.5.0 <=6.5.8)
org.springframework.security:spring-security-web MAVEN version =6.5.0, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =0.1.0, =0.1.0, =0.1.0, =2.0.0, =2.0.0,...
ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.6.0) +1565 more potentially affected by CVE-2026-22737 via org.springframework:spring-webmvc (>=7.0.0-M1 <=7.0.5)
org.springframework:spring-webmvc MAVEN version =7.0.0-M1, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0-beta-1, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22737 Source advisory: OSV:GHSA-4773-3JFM-QMX3...
ai.langsa:ccaas-starter (>=cloud-0.1 <=cloud-0.2.1), be.mogo.generator:mogo-generator-model (=1.0.0.RELEASE) +439 more potentially affected by CVE-2024-49203 via com.querydsl:querydsl-apt (>=4.0.0 <=5.1.0)
com.querydsl:querydsl-apt MAVEN version =4.0.0, =cloud-0.1, =1.0.2.RELEASE, =1.0.0.RELEASE, =1.1.8.RELEASE, =1.1.5.RELEASE, =1.2.7.RELEASE, =1.0.0.RELEASE, =1.0.1, =1.0.1, =1.0.1, =2.0.1, =1.0.1, =1.0.1, =1.0.1, =2.1.18 and more Source cves: CVE-2024-49203 Source advisory: OSV:GHSA-6Q3Q-6V5J-H6VG...
The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader (formerly Foxit Reader), allows a perpetrator to execute arbitrary code.
The vulnerability of the annotation processor in the PDF viewer software, Foxit PDF Reader formerly Foxit Reader, is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created...
The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader (formerly Foxit Reader), allows a perpetrator to execute arbitrary code.
The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader formerly Foxit Reader, is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially...
The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader (formerly Foxit Reader), allows a perpetrator to disclose protected information.
The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader formerly Foxit Reader, is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected...
The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader (formerly Foxit Reader), allows a perpetrator to disclose protected information.
The vulnerability of the annotation processor for viewing electronic documents in PDF format, provided by Foxit PDF Reader formerly Foxit Reader, is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to disclose protected information using a...
app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:sharaf_3 (>=0.0.7 <=0.7.4) +974 more potentially affected by CVE-2024-3653 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.14.Final)
io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.0.7, =1.1.15, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.31 and more Source cves: CVE-2024-3653 Source advisory: OSV:GHSA-CH7Q-GPFF-H9HP...
Quarkus: authorization flaw in quarkus resteasy reactive and classic
A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either...
CVE-2023-5675
A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either...
[SECURITY] Fedora 40 Update: jboss-logging-tools-2.2.1-17.fc40
This pacakge contains JBoss Logging I18n Annotation Processor...