51 matches found
BIT-TOMCAT-2026-29145 Apache Tomcat, Apache Tomcat Native: OCSP checks sometimes soft-fail even when soft-fail is disabled
CLIENTCERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native. This issue affects Apache Tomcat: from 11.0.0 through 11.0.18, from 10.1.0 through 10.1.52, from 9.0.83 through 9.0.115; Apache Tomcat Native: fr...
CVE-2022-38216
An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds...
EUVD-2025-23669
Malicious code in bioql PyPI...
MAL-2025-31817 Malicious code in react-native-lib-teste (npm)
The package react-native-lib-teste was found to contain malicious code...
Malicious code in react-native-lib-teste (npm)
The package react-native-lib-teste was found to contain malicious code...
CVE-2025-54594
react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. In versions 0.9.2 and below, the github/workflows/release-canary.yml GitHub Actions repository workflow improperly used the pull_request_target event trigger, which allowed for untrusted code from a forked pull request to...
CVE-2025-5099
An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution...
Mobile Dynamix PrinterShare Mobile Print Security Vulnerability
Foxit PDF Reader is a software for reading and working with PDF documents. A memory corruption vulnerability exists in Foxit PDF Reader. The vulnerability stems from an out-of-bounds write to the native library when attempting PDF rendering, resulting in memory corruption. An attacker can exploit...
BIT-GRADLE-2025-27148 Gradle vulnerable to local privilege escalation through system temporary directory
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. This library initialization could be...
OESA-2025-1137 jss security update
JSS offers an implementation for Java-based applications to use native NSS. Security Fixes: A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way repeatedly hitting the login page. CVE-2022-4132...
Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.1 release and security update
An update is now available for Red Hat JBoss Web Server 5.8 on Red Hat Enterprise Linux versions 7, 8, and 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.1 release and security update
Red Hat JBoss Web Server 5.8.1 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CV...
PT-2024-26379 · Kingsoft · Wps Office
Name of the Vulnerable Software and Affected Versions: WPS Office versions prior to 17.0.0 Description: The issue arises from the application's failure to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.7 release and security update
Red Hat JBoss Web Server 5.7.7 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVS...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.4 release and security update
Red Hat JBoss Web Server 5.7.4 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System CV...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.1 release and security update
Red Hat JBoss Web Server 5.7.1 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which give...
RHEL 7 / 8 / 9 : Red Hat JBoss Web Server 5.7.0 (RHSA-2022:7272)
The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7272 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of...
Mapbox is vulnerable to Integer Overflow
An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds...
CVE-2022-38216
Summary: CVE-2022-38216 reports an integer overflow in Mapbox’s closed‑source gl-native library prior to v10.6.1, bundled with multiple Mapbox products. The overflow is triggered by large image height/width values when creating a new Image and can cause out‑of‑bounds writes, potentially crashing ...
Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.6.2 Security Update
Red Hat JBoss Web Server 5.6.2 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which giv...