7 matches found
CVE-2025-48888
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.41.3 and prior to versions 2.1.13, 2.2.13, and 2.3.2, deno run --allow-read --deny-read main.ts results in allowed, even though 'deny' should be stronger. The result is the same with all global unary permissions give...
CVE-2020-36843
The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential Unforgeability under Chosen Message Attacks property. This allows attackers to create new valid signatures different from previous signature...
CVE-2025-2240
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory OOM issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service DoS issue. Mitigation Red Hat has...
CVE-2025-24648
creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:57+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedzybbgj2c 2025-02-04 18:54:18+00:00| seen| https://t.me/cvedetector/17203...
CVE-2024-12959
CVE-2024-12959 affects the open-source 1000 Projects Portfolio Management System MCA 1.0. The vulnerability is in the file /update_personal_details.php, where manipulating the query parameter q enables SQL injection. Exploitation is possible remotely, and the exploit has been disclosed publicly. ...
CVE-2024-46544
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...
CVE-2022-40169
...