CVE-2025-11538

A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to binding the Java Debug Wire Protocol JDWP port to all network interfaces 0.0.0.0. This exposes the debug port to the local network, allowing an attacker on the same network segment to...

EUVD-2023-2424

Malicious code in bioql PyPI...

ROS-20240606-05

Unreliable HTML string vulnerability of Java port jtidy is associated with a stack overflow error. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

Aircompressor 安全漏洞

Aircompressor is an airlift open source library that ports the Snappy, LZO, LZ4 and Zstandard compression algorithms to Java. Aircompressor versions prior to 0.27 have a security vulnerability that stems from a decompressor that may crash the JVM and leak memory contents...

Fedora: Security Advisory for jchardet (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Code injection

Symantec Endpoint Protection Manager SEPM 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary Java code by connecting to the console Java port...