EUVD-2026-31846

Files or Directories Accessible to External Parties, Server-Side Request Forgery SSRF vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated so that it points to user-owned files or addresses. This lets a user with CR create permissions read files...

PT-2023-32082 · Unknown · Infinispan

Name of the Vulnerable Software and Affected Versions: Infinispan affected versions not specified Description: A flaw was found in the serialization of cache configurations to XML, JSON, or YAML formats, which can contain credentials such as those used in JDBC stores with connection pooling or...

Apache Archiva Cross-Site Scripting Vulnerability (CNVD-2023-23556)

Apache Archiva is a suite of software from the Apache Foundation for managing one or more remote stores. A cross-site scripting vulnerability exists in versions of Apache Archiva prior to 2.0 to 2.2.10. The vulnerability creates directory names that lack effective filtering and escaping of...

CVE-2019-1204

An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote messag...