org.apache.opennlp:opennlp-cli (>=3.0.0-M1 <=3.0.0-M2), org.apache.opennlp:opennlp-distr (>=3.0.0-M1 <=3.0.0-M2) +6 more potentially affected by CVE-2026-40682 via org.apache.opennlp:opennlp-runtime (>=3.0.0-M1 <=3.0.0-M2)

org.apache.opennlp:opennlp-runtime MAVEN version =3.0.0-M1, =3.0.0-M1, =3.0.0-M1, =3.0.0-M1, =3.0.0-M1, =3.0.0-M1, =3.0.0-M1, =3.0.0-M2 Source cves: CVE-2026-40682 Source advisory: SNYK:JAVA-ORGAPACHEOPENNLP-16419378...

EUVD-2019-0479

Malware in sbrugna...

EUVD-2022-7464

Malicious code in bioql PyPI...

EUVD-2022-5606

Malicious code in bioql PyPI...

EUVD-2023-0843

Malicious code in bioql PyPI...

EUVD-2023-2891

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-8035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC = 2.2.2 which runs in the user...

Linux Distros Unpatched Vulnerability : CVE-2022-32287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the...

Linux Distros Unpatched Vulnerability : CVE-2017-15691

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prio...

CVE-2023-28935

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache UIMA DUCC. When using the "Distributed UIMA Cluster Computing" DUCC module of Apache UIMA, an authenticated user that has the permissions ...

CVE-2018-8035

This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC = 2.2.2 which runs in the user's browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code...

Security Bulletin: Vulnerability in Apache UIMA ( CVE-2022-32287) may affect IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential vulnerability CVE-2022-32287 has been identified related to Apache UIMA that may affect IBM watsonx Assistant for IBM Cloud Pak for Data. vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-32287 DESCRIPTION:...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Apache UIMA Java SDK arbitrary code execution vulnerability ( CVE-2023-39913)

Summary Potential Apache UIMA Java SDK arbitrary code execution vulnerability has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-39913...

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Apache UIMA

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Apache UIMA. Vulnerability Details CVEID:CVE-2022-32287 DESCRIPTION: Apache UIMA could allow a remote attacker to traverse directories on the system, caused by improper validation of user supplied...

activemq:activemq (=1.1), activemq:activemq-optional (=3.2) +53 more potentially affected by CVE-2023-51441 via axis:axis (>=1.2 <=1.3)

axis:axis MAVEN version =1.2, =1.2.5, =4.0, =1.6, =1.1, =1.0.0, =1.0.0, =1.0.0, =1.1.3 and more Source cves: CVE-2023-51441 Source advisory: OSV:GHSA-HR2C-P8RH-238H...

Apache UIMA Deserialization Vulnerability

Apache UIMA is the United States Apache Apache Foundation, a componentized software architecture. Used to analyze large-volume unstructured information associated with end users. Apache UIMA version 3.5.0 before the existence of a deserialization vulnerability , the vulnerability stems from the...

CVE-2023-39913

An input validation flaw was found in Apache UIMA. This issue may allow a remote attacker to execute arbitrary code, compromising the confidentiality, integrity, and availability of affected systems...

Apache UIMA Java SDK Deserialization of Untrusted Data, Improper Input Validation vulnerability

Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK. This issue affects Apache UIMA Java SDK before 3.5.0. Users are recommended to upgrade to version 3.5.0, which fixes the issue. There are several locations in the code where serialized Java objects...

GHSA-5R8J-QMCM-7G7Q Apache UIMA Java SDK Deserialization of Untrusted Data, Improper Input Validation vulnerability

Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK. This issue affects Apache UIMA Java SDK before 3.5.0. Users are recommended to upgrade to version 3.5.0, which fixes the issue. There are several locations in the code where serialized Java objects...

CVE-2023-39913

Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: before 3.5.0. Users are recommended to upgrade to version 3.5.0, which fixes the issue. The...