Lucene search
+L

1294 matches found

Wolfi
Wolfi
added 2026/05/07 2:1 a.m.21 views

CVE-2026-41417 vulnerabilities

Vulnerabilities for packages: neo4j, thingsboard, management-api-for-apache-cassandra-5.0, selenium, akhq, wavefront-proxy, tez, kserve-modelmesh, flyway, apache-nifi-registry, sonarqube, strimzi-kafka-operator, apache-activemq-artemis, opensearch, spark, apicurio-registry, apache-nifi, trino,...

5.3CVSS6.2AI score0.00307EPSS
Exploits1
Chainguard
Chainguard
added 2026/05/07 1:17 a.m.34 views

GHSA-V8H7-RR48-VMMV vulnerabilities

Vulnerabilities for packages: management-api-for-apache-cassandra-5.0, kafka-bridge, tez, strimzi-kafka-operator-fips, nuxeo, spark-kubernetes-operator, knative-kafka-broker, spark-kubernetes-operator-fips, trino, apicurio-registry, keycloak, zipkin, kserve-modelmesh, knative-kafka-broker-fips,...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/05/07 1:17 a.m.13 views

CVE-2026-41417 vulnerabilities

Vulnerabilities for packages: management-api-for-apache-cassandra-5.0, kafka-bridge, tez, strimzi-kafka-operator-fips, nuxeo, spark-kubernetes-operator, knative-kafka-broker, spark-kubernetes-operator-fips, trino, apicurio-registry, keycloak, zipkin, kserve-modelmesh, knative-kafka-broker-fips,...

5.3CVSS6.2AI score0.00307EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/27 12:30 p.m.7 views

org.apache.camel.kafkaconnector:camel-consul-kafka-connector (>=0.1.0 <=0.11.5), org.apache.camel.karaf:camel-consul (>=4.10.3 <=4.14.5) +7 more potentially affected by CVE-2026-27172 via org.apache.camel:camel-consul (>=3.0.0 <=4.14.5)

org.apache.camel:camel-consul MAVEN version =3.0.0, =0.1.0, =4.10.3, =4.10.3, =1.0.0, =1.0.0, =1.0.0, =4.10.0, =3.0.0, =4.14.5 - org.wildfly.camel:wildfly-camel-itests-standalone-docker =12.0.0 Source cves: CVE-2026-27172 Source advisory: OSV:GHSA-5RC6-9QFP-8VWG...

8.8CVSS5.8AI score0.00667EPSS
Exploits1
Wolfi
Wolfi
added 2026/03/27 7:48 a.m.8 views

GHSA-PWQR-WMGM-9RR8 vulnerabilities

Vulnerabilities for packages: neo4j, thingsboard, management-api-for-apache-cassandra-5.0, celeborn, akhq, wavefront-proxy, tez, kserve-modelmesh, flyway, sonarqube, strimzi-kafka-operator, apache-activemq-artemis, opensearch, spark, apicurio-registry, trino, infinispan, keycloak, wildfly,...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2026/03/27 7:48 a.m.9 views

CVE-2026-33870 vulnerabilities

Vulnerabilities for packages: neo4j, thingsboard, management-api-for-apache-cassandra-5.0, celeborn, akhq, wavefront-proxy, tez, kserve-modelmesh, flyway, sonarqube, strimzi-kafka-operator, apache-activemq-artemis, opensearch, spark, apicurio-registry, trino, infinispan, keycloak, wildfly,...

7.5CVSS6.2AI score0.0064EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/03/18 1:54 p.m.5 views

undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without...

9.6CVSS7.6AI score0.01179EPSS
Exploits0References4
OSV
OSV
added 2026/02/13 8:52 p.m.5 views

GHSA-QHP6-6P8P-2RQH Wildfly Elytron integration susceptible to brute force attacks via CLI

Impact A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI. Patches The default behaviour has been changed in...

8.1CVSS5.3AI score0.00817EPSS
Exploits1References10
Github Security Blog
Github Security Blog
added 2026/02/13 8:52 p.m.29 views

Wildfly Elytron integration susceptible to brute force attacks via CLI

Impact A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI. Patches The default behaviour has been changed in...

8.1CVSS5.3AI score0.00817EPSS
Exploits1References10Affected Software1
vulnersOsv
vulnersOsv
added 2026/01/30 3:31 p.m.7 views

io.github.rzo1.org.apache.cxf:apache-cxf (=4.2.0-tomee-m0-071068f), io.github.rzo1.org.apache.cxf:cxf-distribution-javadoc (=4.2.0-tomee-m0-071068f) +9 more potentially affected by CVE-2024-4027 via io.undertow:undertow-core (=2.4.0.Alpha1)

io.undertow:undertow-core MAVEN version =2.4.0.Alpha1 is affected by a known vulnerability. The following packages have a transitive dependency on io.undertow:undertow-core and may be impacted: - io.github.rzo1.org.apache.cxf:apache-cxf =4.2.0-tomee-m0-071068f -...

7.5CVSS5.8AI score0.00575EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/30 3:31 p.m.7 views

io.github.rzo1.org.apache.cxf:apache-cxf (=4.2.0-tomee-m0-071068f), io.github.rzo1.org.apache.cxf:cxf-distribution-javadoc (=4.2.0-tomee-m0-071068f) +9 more potentially affected by CVE-2024-4027 via io.undertow:undertow-core (=2.4.0.Alpha1)

io.undertow:undertow-core MAVEN version =2.4.0.Alpha1 is affected by a known vulnerability. The following packages have a transitive dependency on io.undertow:undertow-core and may be impacted: - io.github.rzo1.org.apache.cxf:apache-cxf =4.2.0-tomee-m0-071068f -...

7.5CVSS5.8AI score0.00575EPSS
Exploits0
Wolfi
Wolfi
added 2026/01/27 1:48 a.m.15 views

CVE-2025-12543 vulnerabilities

Vulnerabilities for packages: wildfly...

9.6CVSS5.9AI score0.01179EPSS
Exploits0
Wolfi
Wolfi
added 2026/01/27 1:48 a.m.4 views

GHSA-J382-5JJ3-VW4J vulnerabilities

Vulnerabilities for packages: wildfly...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/01/27 1:48 a.m.2 views

GHSA-6H4F-PJ3G-Q8FQ vulnerabilities

Vulnerabilities for packages: wildfly...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/01/27 1:48 a.m.18 views

CVE-2024-3884 vulnerabilities

Vulnerabilities for packages: wildfly...

7.5CVSS5.9AI score0.01256EPSS
Exploits0
Chainguard
Chainguard
added 2026/01/27 1:17 a.m.6 views

GHSA-J382-5JJ3-VW4J vulnerabilities

Vulnerabilities for packages: wildfly...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/01/27 1:17 a.m.5 views

GHSA-6H4F-PJ3G-Q8FQ vulnerabilities

Vulnerabilities for packages: wildfly...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/01/27 1:17 a.m.9 views

CVE-2025-12543 vulnerabilities

Vulnerabilities for packages: wildfly...

9.6CVSS5.9AI score0.01179EPSS
Exploits0
Chainguard
Chainguard
added 2026/01/27 1:17 a.m.15 views

CVE-2024-3884 vulnerabilities

Vulnerabilities for packages: wildfly...

7.5CVSS5.9AI score0.01256EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/01/08 4:53 p.m.5 views

undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without...

9.6CVSS5.8AI score0.01179EPSS
Exploits0References4
Rows per page
Query Builder