org.apache.syncope.core.am:syncope-core-am-logic (>=4.0.0 <=4.0.2), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.0.0 <=4.0.2) +18 more potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-provisioning-java (>=4.0.0-M0 <=4.0.2)

org.apache.syncope.core:syncope-core-provisioning-java MAVEN version =4.0.0-M0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.2 and more Source cves: CVE-2...

EUVD-2025-198729

Malicious code in @asyncapi/java-template npm...

Malicious code in @asyncapi/java-template (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 686b2e4c1fe342d1169679b52ef96ae90aebf27fe6b9d3c84f0f9d252779ae15 The package @asyncapi/java-template was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190717 Malicious code in @asyncapi/java-template (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 686b2e4c1fe342d1169679b52ef96ae90aebf27fe6b9d3c84f0f9d252779ae15 The package @asyncapi/java-template was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-198738

Malicious code in @asyncapi/java-spring-cloud-stream-template npm...

EUVD-2025-198770

Malicious code in @asyncapi/java-spring-template npm...

ROS-20251124-14

A vulnerability in the Security component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read,...

ROS-20251124-12

A vulnerability in the Security component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read,...

ROS-20251124-11

A vulnerability in the Libraries component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to impact data integrity...

Exploit for CVE-2025-30749

AegisJava A specialized tool to detect and mitigate CVE-202...

OSV-2025-926 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.statement

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=462261562 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.statement java.base/jdk.internal.misc.Unsafe.weakCompareAndSetInt...

CVE-2025-64428

Dataease is an open source data visualization analysis tool. Versions prior to 2.10.17 are vulnerable to JNDI injection. A blacklist was added in the patch for version 2.10.14. However, JNDI injection remains possible via the iiop, corbaname, and iiopname schemes. The vulnerability has been fixed...

CVE-2025-64428 DataEase DB2 JNDI Vulnerability

Dataease is an open source data visualization analysis tool. Versions prior to 2.10.17 are vulnerable to JNDI injection. A blacklist was added in the patch for version 2.10.14. However, JNDI injection remains possible via the iiop, corbaname, and iiopname schemes. The vulnerability has been fixed...

Dataease 注入漏洞

DataEase is an open source data visualization and analysis tool from DataEase Open Source. Used to help users quickly analyze data and gain insight into business trends to achieve business improvement and optimization. An injection vulnerability exists in versions prior to Dataease 2.10.17 , whic...

TencentOS Server 4: java-8-konajdk (TSSA-2024:0997)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0997 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 4: java-11-konajdk (TSSA-2025:0273)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0273 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 3: java-1.8.0-openjdk (TSSA-2022:0005)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0005 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 4: java-11-konajdk (TSSA-2024:1018)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1018 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 3: java-21-openjdk (TSSA-2024:0733)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0733 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 3: java-1.8.0-openjdk (TSSA-2024:0332)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0332 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...