444 matches found
BIT-JAVA-2022-21449
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 17.0.2 and 18; Oracle GraalVM Enterprise Edition: 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows...
CVE-2026-40490
The AsyncHttpClient AHC library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. When redirect following is enabled followRedirecttrue, versions of AsyncHttpClient prior to 3.0.9 and 2.14.5 forward Authorization and Proxy-Authorization headers...
MCP Java SDK 安全漏洞
The MCP Java SDK is an open-source standard protocol SDK for integrating AI models and tools with Java applications, developed under the Model Context Protocol. Versions of the MCP Java SDK prior to 1.0.1 and 1.1.1 contained security vulnerabilities, which were caused by hardcoded wildcard CORS...
undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF
A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without...
Intel VTune Profiler和Intel oneAPI Toolkits 代码问题漏洞
Intel VTune Profiler and Intel oneAPI Toolkits are products of Intel Corporation, a US company. Intel VTune Profiler is a performance testing tool designed to optimize software. This software can be used for performance testing in IoT embedded applications, media software, Java applications, and...
GHSA-QQPG-MVQG-649V Logback allows an attacker to instantiate classes already present on the class path
ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...
CVE-2026-1225
ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...
UBUNTU-CVE-2026-1225
ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...
CVE-2026-1225
ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...
CVE-2026-1225
ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...
CVE-2026-1225
CVE-2026-1225 affects logback-core (up to and including 1.5.24) used in Java applications. The issue enables an attacker to instantiate arbitrary classes present on the user’s class path by compromising an existing logback configuration file. Exploitation requires the attacker to have write acces...
Logback allows an attacker to instantiate classes already present on the class path
ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...
undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF
A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without...
CVE-2025-12543
A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without...
CVE-2025-12543
A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without...
CVE-2025-12543
Undertow core in WildFly/JBoss EAP is affected by CVE-2025-12543 due to improper validation of the Host header in HTTP requests. This can allow cache poisoning, internal network discovery, or user session hijacking. The CVSSv3.1 base score is 9.6 (CRITICAL) with network access, low attack complex...
PT-2026-1665
Name of the Vulnerable Software and Affected Versions Undertow versions affected versions not specified WildFly versions affected versions not specified JBoss EAP versions affected versions not specified Description A flaw exists in the Undertow HTTP server core, utilized by WildFly, JBoss EAP, a...
EUVD-2025-31861
A vulnerability was detected in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/editorderdetails.php. The manipulation of the argument orderid results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...
EUVD-2019-12638
Malware in sbrugna...
EUVD-2008-5472
Malware in sbrugna...