Bootstrap Os@- Security Vulnerabilities and Issues — Bootstrap Os@- CVE List

Lucene search

NetappBootstrap Os-

8 matches found

CVE•added 2025/03/10 5:15 p.m.•968 views

CVE-2025-24813

Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10...

9.8CVSS9.3AI score0.94205EPSS

In wild

CVE•added 2025/01/21 9:15 p.m.•582 views

CVE-2025-21502

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Orac...

4.8CVSS4.1AI score0.00024EPSS

CVE•added 2025/02/05 10:15 a.m.•363 views

CVE-2025-0665

libcurl would wrongly close the same eventfd file descriptor twice when takingdown a connection channel after having completed a threaded name resolve.

9.8CVSS7AI score0.05132EPSS

CVE•added 2025/02/05 10:15 a.m.•317 views

CVE-2025-0167

When asked to use a .netrc file for credentials and to follow HTTPredirects, curl could leak the password used for the first host to thefollowed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a default entry thatomits both login and password. A rare circu...

3.4CVSS7AI score0.00077EPSS

CVE•added 2025/04/15 9:15 p.m.•221 views

CVE-2025-30691

Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java ...

4.8CVSS4.2AI score0.00025EPSS

CVE•added 2025/02/12 7:15 p.m.•129 views

CVE-2025-1215

A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able ...

7.8CVSS4AI score0.00128EPSS

CVE•added 2025/01/13 9:15 p.m.•112 views

CVE-2025-22134

When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual...

5.5CVSS4.7AI score0.00023EPSS

CVE•added 2025/03/13 5:15 p.m.•78 views

CVE-2025-29768

Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patc...

4.4CVSS4.6AI score0.00072EPSS