org.webjars.npm:browser-sync-ui (=2.27.11), org.webjars.npm:bulma (=1.0.0) +21 more potentially affected by CVE-2026-29063 via org.webjars.npm:immutable (>=3.7.6 <=5.1.3)
org.webjars.npm:immutable MAVEN version =3.7.6, =0.7.0, =0.8.3, =0.8.4 - org.webjars.npm:flux =2.1.1 - org.webjars.npm:github-com-DataTables-DataTablesSrc =2.0.5 - org.webjars.npm:github-com-codeforms-Punica-CSS-Framework =3.0.0 - org.webjars.npm:github-com-digicorp-propeller =1.3.2 -...
Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to a partial denial of service and a JNI function returning incorrect value length due to multiple vulnerabilities.
Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to an unauthenticated attacker performing a partial denial of service (partial DOS) (CVE-2024-21208, CVE-2024-21217) and JNI function GetStringUTFLength returning incorrect value length when...
EUVD-2026-9444
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java...
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java...
CVE-2026-20131 Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java...
CVE-2026-20131
CVE-2026-20131 affects Cisco Secure Firewall Management Center (FMC) Software via the web-based management interface. The root cause is insecure deserialization of untrusted Java byte streams, enabling an unauthenticated, remote attacker to execute arbitrary Java code as root. Affected artifacts ...
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java...
CVE-2026-20131 Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java...
CVE-2023-7337
The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the 'js-support-ticket-token-tkstatus' cookie in version 2.8.2 due to an incomplete fix for CVE-2023-50839 where a second sink was left with insufficient escaping on the user supplied...
Security Bulletin: protobuf-java - CVE-2021-44716 addressed in Cloudera Data Platform Private Cloud Base 7.1.9
Summary Security Bulletin: protobuf-java - CVE-2021-44716 addressed in Cloudera Data Platform Private Cloud Base 7.1.9. Vulnerability Details CVEID:CVE-2021-44716 DESCRIPTION: net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI - January 2026 CPU and CVE-2026-1188
Summary WebSphere Application Server (WAS) is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about security vulnerabilities affecting WAS has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
PT-2026-22984
Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall Management Center FMC affected versions not specified Cisco Security Cloud Control SCC Firewall Management affected versions not specified Description A flaw in the web-based management interface of the software allows an...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.0.1.14)
The version of AOS installed on the remote host is prior to 7.0.1.14. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.0.1.14 advisory. - A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library...
net.enilink.platform:net.enilink.platform.web (=1.6.0), org.webjars.npm:formio__core (=2.6.0) +1 more potentially affected by CVE-2026-0540 via org.webjars.npm:dompurify (>=3.1.7 <=3.3.0)
org.webjars.npm:dompurify MAVEN version =3.1.7, =0.54.0, =0.55.1 Source cves: CVE-2026-0540 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15371377...
K000160213: LZ4 vulnerability CVE-2025-12183
Security Advisory Description Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input. CVE-2025-12183 Impact There is no impact; F5 products are not affected by this...
CVE-2025-70821
renren-security before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by denial of service and a possible information leak due to LZ4 compression
Summary LZ4 compression for Java in Logstash is used by IBM Operations Analytics - Log Analysis as part of the fast, lightweight compression to reduce storage size. CVE-2025-12183, CVE-2025-66566. Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in...
renren-security security vulnerability
Renren-security is a lightweight Java rapid development platform with a decoupled front end, open-sourced by Renrenio. Versions of renren-security prior to v5.5.0 have security vulnerabilities; these vulnerabilities stem from the BaseServiceImpl.java component, which is vulnerable to SQL injection...
CVE-2025-48619
In multiple functions of ContentProvider.java, there is a possible way for an app with read-only access to truncate files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48574
In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...