CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1319 matches found

IBM Security Bulletins•added 2026/04/20 2:13 p.m.•4 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use Apache CXF

Summary Due to use of Apache CXF, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-23184 DESCRIPTION: A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10...

7.5CVSS5.7AI score0.0031EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/20 1:44 p.m.•3 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Undertow web server

Summary Due to use of the Undertow web server, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-9784 DESCRIPTION: A flaw was found in Undertow where malformed client requests can trigger server-si...

7.5CVSS5.7AI score0.02234EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/04/20 1:40 p.m.•2 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of Apache Commons Lang

Summary Due to use of Apache Commons Lang, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apach...

5.3CVSS5.7AI score0.00099EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 7:15 p.m.•1 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Spring Framework

Summary Due to use of the Spring Framework, DevOps Test Performance and Rational Performance Tester contain a potential path traversal vulnerability. Vulnerability Details CVEID:CVE-2026-22737 DESCRIPTION: Use of Java scripting engine enabled e.g. JRuby, Jython template views in Spring MVC and...

5.9CVSS5.7AI score0.00096EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 6:51 p.m.•7 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Netty framework

Summary Due to use of the Netty framework, DevOps Test Performance and Rational Performance Tester contain a potential HTTP request smuggling vulnerability. Vulnerability Details CVEID:CVE-2026-33870 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions...

7.5CVSS5.7AI score0.00028EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/04/17 6:48 p.m.•2 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the brace-expansion Node.js library

Summary Due to use of the brace-expansion Node.js library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2026-33750 DESCRIPTION: The brace-expansion library generates arbitrary strings containing a...

7.5CVSS5.8AI score0.00028EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 6:45 p.m.•3 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of yaml JavaScript library

Summary Due to use of the yaml JavaScript library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2026-33532 DESCRIPTION: yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document...

4.3CVSS5.9AI score0.00025EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/04/17 1:50 p.m.•4 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Undertow web server library

Summary Due to use of the Undertow web server library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2026-3260 DESCRIPTION: A flaw was found in Undertow. A remote attacker could exploit this...

7.5CVSS5.7AI score0.00494EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 1:47 p.m.•1 views

Security Bulletin: DevOps Test Performance contains vulnerabilities related to use of the Lodash JavaScript library

Summary Due to use of the Lodash JavaScript library, DevOps Test Performance and Rational Performance Tester contain potential Prototype Pollution and Arbitrary Code Injection vulnerabilities. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are...

7.9CVSS6.6AI score0.00028EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 1:44 p.m.•3 views

Security Bulletin: DevOps Test Performance contains vulnerabilities related to use of the Lodash JavaScript library

Summary Due to use of the Lodash JavaScript library, DevOps Test Performance and Rational Performance Tester contain potential Arbitrary Code Injection and Prototype Pollution vulnerabilities. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are...

9.8CVSS7AI score0.00044EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 1:40 p.m.•2 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the jakarta.mail library

Summary Due to use of the jakarta.mail library, DevOps Test Performance and Rational Performance Tester contain a potential SMTP injection vulnerability. Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the \r and...

7.5CVSS6.6AI score0.00054EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 1:36 p.m.•5 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the xmldom JavaScript library

Summary Due to use of the xmldom JavaScript library, DevOps Test Performance and Rational Performance Tester contain a potential XML injection vulnerability. Vulnerability Details CVEID:CVE-2026-34601 DESCRIPTION: xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and...

7.5CVSS5.6AI score0.00019EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/17 1:12 p.m.•3 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of Spring Security

Summary Due to use of Spring Security, DevOps Test Performance and Rational Performance Tester contain a vulnerability that can potentially result in clickjacking, XSS, and sensitive data exposure via caching. CVE-2026-22732 Vulnerability Details CVEID:CVE-2026-22732 DESCRIPTION: When application...

9.1CVSS5.7AI score0.00028EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2026/04/17 1:4 p.m.•2 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the form-data libary

Summary Due to use of the form-data library, DevOps Test Performance and Rational Performance Tester contain a potential HTTP Parameter Pollution HPP vulnerability CVE-2025-7783. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random Values vulnerability in form-data...

9.4CVSS6.7AI score0.01319EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/04/16 3:15 p.m.•3 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of React Router

Summary Due to use of React Router, DevOps Test Performance and Rational Performance Tester contain a Open Redirect vulnerability, potentially enabling phishing or credential theft. Vulnerability Details CVEID:CVE-2025-68470 DESCRIPTION: React Router is a router for React. In versions 6.0.0 throu...

6.5CVSS5.7AI score0.00048EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/16 3:5 p.m.•1 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the glob npm package

Summary Due to use of the glob npm package, DevOps Test Performance and Rational Performance Tester contain a potential command injection vulnerability. Vulnerability Details CVEID:CVE-2025-64756 DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior t...

7.5CVSS6.4AI score0.00025EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/04/16 2:47 p.m.•2 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Connect2id Nimbus JOSE + JWT library

Summary Due to use of the Connect2id Nimbus JOSE + JWT library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x...

5.8CVSS5.9AI score0.00143EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/16 2:43 p.m.•1 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the npm semver package

Summary Due to use of the npm semver package, DevOps Test Performance and Rational Performance Tester contain a potential Regular Expression Denial of Service ReDoS vulnerability. Vulnerability Details CVEID:CVE-2022-25883 DESCRIPTION: Versions of the package semver before 7.5.2 are vulnerable to...

7.5CVSS5.8AI score0.00598EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/04/16 2:27 p.m.•1 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Node.js on-headers middleware

Summary Due to use of the Node.js on-headers middleware, DevOps Test Performance and Rational Performance Tester contain an Improper Handling of Unexpected Data Type vulnerability, potentially enabling header manipulation. Vulnerability Details CVEID:CVE-2025-7339 DESCRIPTION: on-headers is a...

3.4CVSS5.8AI score0.00036EPSS

Exploits0Affected Software1

OSSF Malicious Packages•added 2026/04/16 9:52 a.m.•2 views

Malicious code in devops-debug-tool-ctf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d30d25ee7c0447913c62771e8ddcec556db40753e2133f73ec7613939b5ca35c The package devops-debug-tool-ctf was found to contain malicious code...

5.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by