CVE-2025-54369 Node-SAML SAML Authentication Bypass

Node-SAML is a SAML library not dependent on any frameworks that runs in Node. In versions 5.0.1 and below, Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify...

CVE-2025-53030

...

CVE-2025-50104

...

CVE-2025-50100

CVE-2025-50100 affects Oracle MySQL Server, specifically the Thread Pooling component. Affected versions are 8.0.0–8.0.42, 8.4.0–8.4.5, and 9.0.0–9.3.0. The issue is described as a high-privilege, network-access vulnerability that can, per the connected documents, enable partial denial of service...

CVE-2025-50099

...

CVE-2025-50072

...

CVE-2025-50059

CVE-2025-50059 targets Oracle Java SE and GraalVM family (Networking and related components). Affected versions include Oracle Java SE 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; GraalVM for JDK 17.0.15, 21.0.7, 24.0.1; GraalVM Enterprise 21.3.14. The issue enables unauthenticated, network-acce...

CVE-2025-30759

The CVE-2025-30759 issue affects Oracle Business Intelligence Enterprise Edition (OBIEE) Platform Security. Affected are Oracle Analytics OBIEE versions 7.6.0.0.0, 8.2.0.0.0 and 12.2.1.4.0. The vulnerability allows unauthenticated remote HTTP access and can lead to unauthorized data update/insert...

CVE-2025-30749

CVE-2025-30749 affects Oracle Java SE, GraalVM for JDK and GraalVM Enterprise Edition (component: 2D, with JSSE/Networking/Scripting as other components) per the provided documents. Affected Oracle Java SE versions include 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; affected GraalVM for ...

CVE-2003-5004

creationtimestamp| type| source ---|---|--- 2025-05-22 23:53:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpscrssa7m2k...

CVE-2025-30397

CVE-2025-30397 is a memory-corruption/Use-After-Free style vulnerability in the Microsoft Scripting Engine (jscript.dll) that enables remote code execution via specially crafted web content. The CVE’s affected component is the JScript/Windows Scripting Engine, with an attack vector over the netwo...

MAL-2025-3428 Malicious code in zocslib (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2025-30728

...

CVE-2025-30725

...

CVE-2025-30715

Public technical details about CVE-2025-30715 are not provided in the supplied documents. Monitor for updates from Oracle and vendors for affected versions, impact, and fixes.

CVE-2025-30707

...

CVE-2025-30699

CVE-2025-30699 affects Oracle MySQL Server, component: Server: Stored Procedure. Affected versions: 8.0.0–8.0.41, 8.4.0–8.4.4, 9.0.0–9.2.0. An attacker with high privileges and network access via multiple protocols can exploit this to cause a hang or a complete denial of service on MySQL Server. ...

CVE-2025-30687

CVE-2025-30687 affects Oracle MySQL Server (Server: Optimizer). Affected are MySQL versions 8.0.0–8.0.41, 8.4.0–8.4.4, and 9.0.0–9.2.0. The issue allows a network-accessing, low-privilege attacker to cause a hang or frequent crashes (DoS). No exploitation status or in-wild details are provided in...

CVE-2025-21583

Oracle MySQL Server vulnerability CVE-2025-21583 affects the Server: DDL component in MySQL. Affected versions are 8.4.0 and 9.0.0. The issue can be triggered by a high-privileged attacker with network access via multiple protocols, leading to a hang or a frequently repeatable crash (complete DoS...

MAL-2025-1889 Malicious code in meli-payment (npm)

--- -= Per source details. Do not edit below this line.=-...