EUVD-2025-176373

Malicious code in simulate-refactor-java-route-beta npm...

EUVD-2025-176328

Malicious code in small-interpret-java-reject-data npm...

Malicious code in omega-big-zero-export-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6452494d4a91b262c8f8c973f098395e47d3fd525719d07e2c95a4915fae749b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-178291

Malicious code in java-orchestrate-awk-process-virtualize npm...

MAL-2025-188133 Malicious code in mu-mu-psi-zero-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86e30de6ba5cb67955c7eb4e9c932eb4fdf8670ae52f71ab87c5f98463386b4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176539

Malicious code in sandbox-export-integer-alpha-java npm...

EUVD-2025-175636

Malicious code in water-catch-cloud-upsilon-java npm...

EUVD-2025-177749

Malicious code in mu-mu-psi-zero-java npm...

EUVD-2025-176138

Malicious code in sun-throw-export-xml-java npm...

MAL-2025-188411 Malicious code in omega-big-zero-export-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6452494d4a91b262c8f8c973f098395e47d3fd525719d07e2c95a4915fae749b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

A Bootiful Podcast: The legendary Bruce Eckel on language design, effects, abstraction, concurrency, and so much more

Hi, Spring fans! In this installment, I sit down with the legendary Bruce Eckel, who has probably forgotten more about programming languages than I will ever know, and whose book Thinking in Java helped launch me into a career...

Red Hat build of Keycloak 安全漏洞

Red Hat build of Keycloak is a web application for single sign-on from Red Hat, Inc. A security vulnerability exists in Red Hat build of Keycloak version 26.4 that stems from debug mode insecurely binding the JDWP port to all network interfaces, which could lead to remote code execution...

Security Bulletin: IBM QRadar SIEM protocol is affected by an Elevation of Privilege in the Azure SDK for Java.

Summary Azure SDK for Java may allow privilege escalation under certain conditions; IBM QRadar SIEM has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2020-16971 DESCRIPTION: Azure SDK for Java Security Feature Bypass Vulnerability CVSS Source: NVD CVSS Base score: 9.1 CVSS...

CVE-2025-42919

Due to an Information Disclosure vulnerability in SAP NetWeaver Application Server Java, internal metadata files could be accessed via manipulated URLs. An unauthenticated attacker could exploit this vulnerability by inserting arbitrary path components in the request, allowing unauthorized access...

openSUSE Security Advisory (SUSE-SU-2025:4039-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2025:4005-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:4039-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:4038-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Sterling Transformation Extender is affected by multiple IBM Semeru Java 17 vulnerabilities

Summary IBM Sterling Transformation Extender uses IBM Semeru Runtime Certified Edition, Version 17 and is affected by multiple vulnerabilities CVE-2025-53057, CVE-2025-53066, CVE-2025-50059, CVE-2025-50106, CVE-2025-30749, CVE-2025-30761 and CVE-2025-30754. Vulnerability Details...

Security Bulletin: IBM Sterling Transformation Extender is affected by multiple IBM Java 8 vulnerabilities

Summary IBM Sterling Transformation Extender uses IBM SDK, Java Technology Edition, Version 8 and is affected by multiple vulnerabilities CVE-2025-53066, CVE-2025-53057, CVE-2025-50106, CVE-2025-30749, CVE-2025-30761 and CVE-2025-30754. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An...