EUVD-2019-15487

Malware in sbrugna...

EUVD-2022-4180

Malicious code in bioql PyPI...

com.atomikos:transactions-spring-boot-integration-tests (>=5.0.9 <=6.0.1), com.atomikos:transactions-spring-boot3-integration-tests (>=6.0.0 <=6.0.1) +158 more potentially affected by CVE-2025-27427 via org.apache.activemq:artemis-server (>=2.0.0 <=2.3.0)

org.apache.activemq:artemis-server MAVEN version =2.0.0, =5.0.9, =6.0.0, =2.2.1, =2.2.1, =2.2.2, =2.2.1, =2018.9.23, =2018.12.15, =2018.9.23, =2018.9.23, =0.0.1, =0.0.2, =1.14.2, =2.0.0, =6u3 and more Source cves: CVE-2025-27427 Source advisory: OSV:GHSA-3W85-5P9G-H334...

Nablarch Incomplete Cryptography

An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors...

GHSA-HMX6-GC2P-5P82 Nablarch Incomplete Cryptography

An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors...

Information Disclosure

nablarch-fw-web is vulnerable to information disclosure. Remote attackers are able to obtain information regarding stored data, register or modify invalid values due to incomplete cryptography of the data store function...

XML External Entity (XXE)

nablarch is vulnerable to XML external entity XXE attacks. Lack of validation and permitting of external DTDs in XML submissions allows an attacker to perform XXE attacks...

CVE-2019-5918

Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to conduct XML External Entity XXE attacks via unspecified vectors...

Xxe

Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to conduct XML External Entity XXE attacks via unspecified vectors...

Design/Logic Flaw

An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors...

CVE-2019-5919

An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors...

CVE-2019-5919

An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors...

CVE-2019-5918

Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to conduct XML External Entity XXE attacks via unspecified vectors...

CVE-2019-5918

Affected software: Nablarch 5 (5, and 5u1 to 5u13). Vulnerability: XML External Entity (XXE) attacks due to lack of XML validation/external DTD handling (CWE-611). Impact: remote attacker could cause information leakage or system shutdown. Root cause (as stated): XXE in the generic formatter func...

CVE-2019-5918

Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to conduct XML External Entity XXE attacks via unspecified vectors...

CVE-2019-5919

An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors...

CVE-2019-5919

CVE-2019-5919 affects Nablarch 5 (including 5, 5u1–5u13). The vulnerability is an incomplete cryptography of the data store function caused by a hidden tag, enabling remote attackers to obtain information about stored data, register invalid values, or alter values via unspecified vectors. The iss...

Nablarch Denial of Service Vulnerability

Nablarch is a Java application framework based on the middleware model . A security vulnerability exists in Nablarch versions 5, 5u1, and 5u13. A remote attacker could exploit the vulnerability to disclose information or cause a system shutdown...

Nablarch Unauthorized Operation Vulnerability

Nablarch is a Java application framework based on the middleware model . A security vulnerability exists in Nablarch versions 5, 5u1 and 5u13. An attacker can exploit the vulnerability to obtain information about stored data, register or modify invalid values...

Multiple vulnerabilities in Nablarch

Overview Nablarch provided by TIS Inc. contains multiple vulnerabilities listed below. The vulnerability in the function of generic formatter by XXE attacks CWE-611 - CVE-2019-5918 An incomplete cryptography of the data store function by using hidden tag CWE-310 - CVE-2019-5919 TIS Inc. reported...