ai.pipestream.module:module-chunker (=0.1.1), ai.pipestream.module:module-echo (=0.1.1) +454 more potentially affected by CVE-2025-66560 via io.quarkus.vertx.utils:quarkus-vertx-utils (>=3.28.0.CR1 <=3.30.8)

io.quarkus.vertx.utils:quarkus-vertx-utils MAVEN version =3.28.0.CR1, =0.0.2, =0.1.1, =0.1.1, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.7, =0.1.9 and more Source cves: CVE-2025-66560 Source advisory: SNYK:JAVA-IOQUARKUSVERTXUTILS-14897052...

ai.tock:bot-test (>=25.9.0 <=26.3.1), ai.tock:bot-test-base (>=25.9.0 <=26.3.1) +163 more potentially affected by CVE-2025-11966 via io.vertx:vertx-web (>=5.0.0.CR1 <=5.0.4)

io.vertx:vertx-web MAVEN version =5.0.0.CR1, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =26.3.1 and more Source cves: CVE-2025-11966 Source advisory: SNYK:JAVA-IOVERTX-13669867...

CVE-2024-30249 Cloudburst Network DoS in RakNet connection handling

Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to 1.0.0.CR1-20240330.101522-15 impacts publicly accessible software depending on the affected versions of Network and allows an attacker to use Network as an amplification vector for...

com.qwlabs.doraemon:feature-flags (>=0.2.257 <=0.2.290), com.qwlabs.doraemon:graphql (>=0.2.282 <=0.2.290) +10 more potentially affected by CVE-2023-6393 via io.quarkus:quarkus-cache (>=3.3.0.CR1 <=3.5.1)

io.quarkus:quarkus-cache MAVEN version =3.3.0.CR1, =0.2.257, =0.2.282, =0.2.281, =0.2.282, =0.2.257, =0.2.257, =0.2.257, =3.3.0.CR1, =3.3.0.CR1, =3.3.0.CR1, =3.3.0.CR1, =3.3.0.CR1, =3.5.1 Source cves: CVE-2023-6393 Source advisory: OSV:GHSA-XFV5-JQGP-VQHJ...

br.eti.clairton:ds-test (=0.4.0), com.bertoncelj.wildflysingletonservice:wildfly-singleton-service (>=1.1.0 <=1.2.1) +526 more potentially affected by CVE-2022-3143 via org.wildfly.security:wildfly-elytron (>=1.0.0.Alpha1 <=1.15.0.CR1)

org.wildfly.security:wildfly-elytron MAVEN version =1.0.0.Alpha1, =1.1.0, =2.3.0, =2.3.0, =2.3.0, =0.7.0, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.3.19 and more Source cves: CVE-2022-3143 Source advisory: OSV:GHSA-JMJ6-P2J9-68CP...

ai.hyacinth.framework:core-service-jpa-support (>=0.5.2 <=0.5.21), ai.hyacinth.framework:core-service-trigger-server (>=0.5.2 <=0.5.21) +6110 more potentially affected by CVE-2020-25638 via org.hibernate:hibernate-core (>=3.3.0.CR1 <=5.3.1.Final)

org.hibernate:hibernate-core MAVEN version =3.3.0.CR1, =0.5.2, =0.5.2, =1.0.0, =1.0.0, =1.0.1, =1.0.1, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.6 and more Source cves: CVE-2020-25638 Source advisory: OSV:GHSA-J8JW-G6FQ-MP7H...

Undertow HTTP header injection and response splitting vulnerability

Red Hat Undertow is a U.S. Red Hat Red Hat, a Java-based embedded Web server, is the default Web server Wildfly Java application server. A security vulnerability exists in Red Hat Undertow versions prior to 7.1.2.CR1 and prior to 7.1.2.GA, which stems from the program failing to adequately filter...

CVE-2016-2955

CVE-2016-2955 is an XSS vulnerability in IBM Connections 5.0 before CR4 and 5.5 before CR1. The issue allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Affected products/versions: IBM Connections 5.0 (pre-CR4) and 5.5 (pre-CR1). The connected source...

CVE-2016-3003

Cross-site scripting XSS vulnerability in the Web UI in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerability than CVE-2016-3001 and CVE-2016-3006...

CVE-2016-2999

CVE-2016-2999 affects IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1. The issue is described as an information disclosure via an unspecified brute-force attack accessible to remote authenticated users. The available documents do not provide concrete technical details abou...

CVE-2016-3008

Cross-site scripting XSS vulnerability in the Web UI in IBM Connections 5.0 before CR4 and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2954 and CVE-2016-2956...

CVE-2016-2954

CVE-2016-2954 is an XSS vulnerability in the IBM Connections Web UI. Affects IBM Connections 5.0 before CR4 and 5.5 before CR1; remote authenticated users can inject arbitrary web script or HTML via unspecified vectors. This entry is differentiated from CVE-2016-2956 and CVE-2016-3008. The provid...

CVE-2016-2954

Cross-site scripting XSS vulnerability in the Web UI in IBM Connections 5.0 before CR4 and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2956 and CVE-2016-3008...

CVE-2016-3008

CVE-2016-3008 is an XSS vulnerability in IBM Connections Web UI (5.0 before CR4, 5.5 before CR1) allowing remote authenticated users to inject arbitrary scripts via unspecified vectors. The connected sources do not provide explicit exploit details, patch versions, or confirmed in-the-wild exploit...