EUVD-2019-12081

Malware in sbrugna...

CVE-2019-9823

In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration files. The issue has been fixed in the following versions: 2018.3.5, 2018.2.8, 2018.1.8...

IBM WebSphere Application Server Cross-Site Scripting Vulnerability

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A cross-site scripting vulnerability exists in IBM...

IBM WebSphere Application Server Code Issue Vulnerability (CNVD-2024-43186)

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A code issue vulnerability exists in IBM WebSphere...

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty XML External Entity Injection Vulnerability

IBM WebSphere Application Server WAS and IBM WebSphere Application Server Liberty are both products of International Business Machines IBM.IBM WebSphere Application Server is an application server IBM WebSphere Application Server is an application server product. The product is a platform for...

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty Server-Side Request Forgery Vulnerability

IBM WebSphere Application Server WAS and IBM WebSphere Application Server Liberty are both products of International Business Machines IBM.IBM WebSphere Application Server is an application server IBM WebSphere Application Server is an application server product. The product is a platform for...

IBM WebSphere Application Server encryption problem vulnerability

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server versions 8.5 and 9.0 ha...

IBM WebSphere Application Server Code Injection Vulnerability

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform.A code injection vulnerability exists in IBM WebSphere...

IBM WebSphere Application Server Code Issue Vulnerability (CNVD-2022-66768)

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A code issue vulnerability exists in IBM WebSphere...

GHSA-CQHR-JQVC-QW9P Java Melody vulnerable to cross-site scripting

JavaMelody is a monitoring tool for JavaEE applications. Versions prior to 1.61.0 are vulnerable to a cross-site scripting XSS attack. This issue was patched in version 1.61.0, and users are recommended to upgrade to the latest version. There are no known workarounds...

Java Melody vulnerable to cross-site scripting

JavaMelody is a monitoring tool for JavaEE applications. Versions prior to 1.61.0 are vulnerable to a cross-site scripting XSS attack. This issue was patched in version 1.61.0, and users are recommended to upgrade to the latest version. There are no known workarounds...

Unspecified Vulnerability in IBM WebSphere Application Server

IBM WebSphere Application Server WAS is an application server product from IBM in the United States. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A security vulnerability exists in IBM WebSphere Application Server...

Spring Framework Denial of Service Vulnerability (CNVD-2022-68890)

Spring Framework is the U.S. Spring team of a set of open source Java, JavaEE application framework . The framework helps developers build high-quality applications.Spring Framework versions prior to 5.3.20, 5.2.22 contain a denial-of-service vulnerability. An attacker can exploit this...

VMware Spring Framework Code Injection Vulnerability

VMware Spring Framework is an open source Java, JavaEE application framework from VMware, Inc. A code injection vulnerability exists in Vmware Spring Framework, which stems from the RCE for data binding on JDK 9. No details of the vulnerability are currently available...

Vmware Spring Framework Denial of Service Vulnerability

Vmware Spring Framework is a set of open source Java, JavaEE application framework from Vmware USA. The framework helps developers build high-quality applications.Vmware Spring Framework has a denial-of-service vulnerability that can be exploited by attackers to cause a denial of service via a...

Vmware Spring Framework has an unspecified vulnerability

Vmware Spring Framework is an open source Java, JavaEE application framework from Vmware, Inc. The framework helps developers build high-quality applications.Vmware Spring Framework has a security vulnerability that can be exploited by attackers to bypass Spring Framework access restrictions...

Arbitrary File Read Vulnerability in the javaee Forum System of Beijing Weike Tongshuo Technology Co.

Beijing Weike Tongshuo Technology Co., Ltd. is a professional enterprise that provides Internet full integrated marketing services for large enterprises and organizations. There is an arbitrary file reading vulnerability in the javaee forum system of Beijing Microcomputer Technology Co. Ltd, whic...

SQL injection vulnerability in JTopCMS Ma***.jsp page of Hefei Mingjing Information Technology Co.

JTopCMS is based on the JavaEE standard , used to manage site content of the open source web management system . Ltd. JTopCMS Ma.jsp page SQL injection vulnerability, an attacker can use the vulnerability to obtain sensitive database information...

XSS Vulnerability in JTopCMS of Hefei Mingjing Information Technology Co.

JTopCMS is based on the JavaEE standard , used to manage site content of the open source web management system . Hefei Mingjing Information Technology Co., Ltd. JTopCMS XSS vulnerability, attackers can use the vulnerability to obtain sensitive information such as user cookies...

JTopCMS has a file upload vulnerability

JTopCMS based on the JavaEE standard , is used to manage site content open source web management system cms, java cms, jsp cms. JTopCMS has a file upload vulnerability that can be exploited by an attacker to gain control of the server...