firefox: Integer overflow in the Networking: JAR component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in IBM Semeru Runtime Quarterly CPU - Apr 2026

Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2026-34282, CVE-2026-22016, CVE-2026-23865, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-22008, CVE-2026-34268, CVE-2026-22007, CVE-2026-6918 reported for IBM Semeru Runtime Quarterly CPU - Apr 2026 - Includes...

ROOT-APP-MAVEN-CVE-2024-40094 CVE-2024-40094 in io.root.com.graphql-java:graphql-java - Patched by Root

Root has patched CVE-2024-40094 in the io.root.com.graphql-java:graphql-java package for Root:Maven. Multiple fixed versions available...

USN-8322-1 commons-beanutils vulnerability

It was discovered that Apache Commons BeanUtils incorrectly allowed access to the declaredClass property of Java enum objects when handling externally supplied property paths. An attacker could possibly use this issue to execute arbitrary code...

Security Bulletin: IBM Engineering Lifecycle Management - Engineering Test management is impacted by vulnerabilities in Eclipse Paho Java client library

Summary A vulnerability has been identified in Eclipse Paho Java client library, which is used in IBM Engineering Lifecycle Management - Engineering Test management Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: In the Eclipse Paho Java client library version 1.2.0, when connecting to an...

Multiple Vulnerabilities in Cosminexus

Overview Cosminexus Developer's Kit for JavaTM and Hitachi Developer's Kit for Java contain the following vulnerabilities: CVE-2026-22007, CVE-2026-22013, CVE-2026-22016, CVE-2026-22018, CVE-2026-22021, CVE-2026-23865, CVE-2026-34268, CVE-2026-34282 Impact Regarding the impact of the vulnerabilit...

Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`

Summary A Server-Side Code Injection vulnerability exists in the Yamcs algorithm evaluation engine org.yamcs.algorithms.JavaExprAlgorithmExecutionFactory. The application dynamically compiles and evaluates user-controlled algorithm text without enforcing a secure sandbox. An authenticated user wi...

PT-2026-44161

Name of the Vulnerable Software and Affected Versions Yamcs versions 4.7.3 through 5.12.6 Description The Nashorn ScriptEngine used to evaluate user-supplied algorithm text is constructed without a ClassFilter. This allows a user with the ChangeMissionDatabase privilege to execute arbitrary Java...

CVE-2025-69600

Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows adversaries to execute commands via getconfig, and upload through the URL argument, and oracle through the -o flag The Supplier's perspective is that this is caused by Argument Injection in the find command query in rvia 12.6.4392.49...

CVE-2026-38945

Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command...

CVE-2025-69600

Command injection in Raynet rvia RayVentory Scan Engine 12.6 Update 8 and previous versions allows adversaries to execute commands via getconfig, upload, inventory, and oracle options...

RayVentory Scan Engine 安全漏洞

RayVentory Scan Engine is a network scanning engine developed by the German company RayVentory, designed for automatically discovering and collecting IT asset information. Versions of RayVentory Scan Engine 12.6 Update 8 and earlier contained security vulnerabilities. These vulnerabilities stemme...

CVE-2025-69600

CVE-2025-69600 affects RayVentory Raynet RVIA 12.6.4392.49-amd64.deb. Root cause is Argument Injection in an improperly terminated find command used to locate Java, enabling local attackers to execute arbitrary code via commands injected through getconfig, upload, or oracle options (and inventory...

CVE-2026-38945

Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command...

CVE-2026-38945

Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command...

CVE-2026-38945

Raynet rvia 12.6 Update 8 and earlier versions are affected by a command injection due to improper termination of search criteria in Java-based search using the find command. This allows an adversary with local access to execute arbitrary code via a crafted path. The CVSS base score is 7.8 (HIGH)...

CVE-2025-69600

Command injection in Raynet rvia RayVentory Scan Engine 12.6 Update 8 and previous versions allows adversaries to execute commands via getconfig, upload, inventory, and oracle options...

RayVentory Scan Engine 安全漏洞

RayVentory Scan Engine is a network scanning engine developed by the German company RayVentory, designed for automatically discovering and collecting IT asset information. Version 12.6.4392.49 of the RayVentory Scan Engine contains a security vulnerability. This vulnerability stems from parameter...

RHEL 9 : jmc (RHSA-2026:20568)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:20568 advisory. JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis o...

EUVD-2026-32001

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.2, an attacker on the network path between the ePA service and the Konnektor can present any TLS certificate self-signed, expired, wrong CN and intercept all SOAP traffic. This includes patient...