PT-2026-38818

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracl...

Node.js 安全漏洞

Node.js is an open-source, cross-platform JavaScript runtime environment developed by the Node.js community. Versions 20.x, 22.x, 24.x, and 25.x of Node.js have security vulnerabilities. These vulnerabilities stem from HMAC verification using a comparison that does not maintain constant time, whi...

EUVD-2023-2513

Malicious code in bioql PyPI...

PT-2024-25529 · Cosy+ · Cosy+

Name of the Vulnerable Software and Affected Versions: Cosy+ devices versions 21.x through 21.2s9 Cosy+ devices versions 22.x through 22.1s2 Description: The issue concerns insecure permissions in Cosy+ devices, which can lead to information leakage through cookies. This problem is resolved in...

@ag-grid-enterprise/all-modules (>=22.0.0 <=27.3.0), @ag-grid-enterprise/charts-enterprise (>=31.1.0 <=31.3.3) +55 more potentially affected by CVE-2024-39001 via @ag-grid-enterprise/charts (>=22.0.0 <=31.3.3)

@ag-grid-enterprise/charts NPM version =22.0.0, =22.0.0, =31.1.0, =0.1.43, =0.0.1, =0.1.46, =0.0.1, =0.0.6, =2.1.5, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.5 and more Source cves: CVE-2024-39001 Source advisory: OSV:GHSA-328P-362G-R48J...

CVE-2022-29567

The default configuration of a TreeGrid component uses Object::toString as a key on the client-side and server communication in Vaadin 14.8.5 through 14.8.9, 22.0.6 through 22.0.14, 23.0.0.beta2 through 23.0.8 and 23.1.0.alpha1 through 23.1.0.alpha4, resulting in potential information disclosure ...