Lucene search
K

4 matches found

Atlassian
Atlassian
added 2025/12/10 2:30 a.m.21 views

XXE (XML External Entity Injection) Tika Dependency Vulnerability in Crucible Server and Fisheye Server

This Crucible Server and Fisheye Server release includes updates to our Apache Tika dependency in response to CVE-2025-66516. Our security team has assessed that the current scope of this CVE does not present the same critical risk in our products, as our use of the dependency doesn’t support the...

9.8CVSS8.4AI score0.79807EPSS
Exploits5
Snyk
Snyk
added 2025/09/03 9:30 p.m.2 views

Use of Incorrectly-Resolved Name or Reference

Overview hono is an Ultrafast web framework for the Edges Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference via the getPath function in the utils/url.ts file. An attacker can gain unauthorized access to protected endpoints by sending specially craft...

8.7CVSS6.9AI score0.00498EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/23 12:0 a.m.3 views

PT-2023-5402 · Apache · Apache Rocketmq

Name of the Vulnerable Software and Affected Versions: Apache RocketMQ versions 5.1.0 and below Apache RocketMQ versions prior to 4.9.6 Description: The vulnerability is related to a permission verification issue in Apache RocketMQ, allowing attackers to perform remote command execution under...

10CVSS10AI score0.96604EPSS
Exploits11References149
Positive Technologies
Positive Technologies
added 2017/01/26 12:0 a.m.3 views

PT-2019-7560 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.9.6 Description: The issue is related to an off-by-one error in the cqspi setup flash function, located in the drivers/mtd/spi-nor/cadence-quadspi.c file. This error occurs because there are CQSPI MAX CHIPSELE...

9.8CVSS6AI score0.03075EPSS
Exploits0References24
Rows per page
Query Builder