Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-xvqc-pp94-fmpx
  • Maven/org.apache.activemq:activemq-all
  • Maven/org.apache.activemq:activemq-mqtt
  • Maven/org.apache.activemq:apache-activemq
 Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT vulnerable to Integer Overflow or Wraparound yesterday
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-3cjc-vhfm-ffp2
  • Maven/org.apache.dolphinscheduler:dolphinscheduler
 Apache DolphinScheduler vulnerable to sensitive information disclosure yesterday
  • Fix available
  • Severity - 7.5 (High)
GHSA-jx2w-vp7f-456q
  • Maven/io.quarkiverse.openapi.generator:quarkus-openapi-generator
 quarkus-openapi-generator extension has Zip Slip Path Traversal in ApicurioCodegenWrapper class 2 days ago
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-gc59-r5jq-98qw
  • Maven/org.eclipse.jetty.ee10:jetty-ee10
 Eclipse Jetty: Early return from the JASPIAuthenticator code can potentially no clear ThreadLocal variables 2 days ago
  • Fix available
  • Severity - 7.4 (High)
GHSA-h259-74h5-4rh9
  • Maven/org.xwiki.platform:xwiki-platform-legacy-oldcore
  • Maven/org.xwiki.platform:xwiki-platform-oldcore
 XWiki vulnerable to remote code execution with script right through unprotected Velocity scripting API 2 days ago
  • Fix available
  • Severity - 8.6 (High)
GHSA-hxf2-gm22-7vcm
  • Maven/gov.nsa.emissary:emissary
 Emissary has a Path Traversal via Blacklist Bypass in Configuration API 2 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-6c37-7w4p-jg9v
  • Maven/gov.nsa.emissary:emissary
 Emissary has a Command Injection via PLACE_NAME Configuration in Executrix 2 days ago
  • Fix available
  • Severity - 7.2 (High)
GHSA-3g6g-gq4r-xjm9
  • Maven/gov.nsa.emissary:emissary
 Emissary has GitHub Actions Shell Injection via Workflow Inputs 2 days ago
  • Fix available
  • Severity - 9.1 (Critical)
GHSA-wpwf-v25w-54g3
  • Maven/tech.powerjob:powerjob-server-starter
 PowerJob's GroovyEvaluator.evaluate endpoint vulnerable to code injection 2 days ago
  • No fix available
  • Severity - 6.9 (Medium)
GHSA-4fp2-3xgg-jg4w
  • Maven/tech.powerjob:powerjob-server-starter
 PowerJob vulnerable to SQL injection 2 days ago
  • No fix available
  • Severity - 5.5 (Medium)
GHSA-cpm7-cfpx-3hvp
  • Maven/gov.nsa.emissary:emissary
 Emissary has Stored XSS via Navigation Template Link Injection 2 days ago
  • Fix available
  • Severity - 4.8 (Medium)
GHSA-8jxr-pr72-r468
  • Maven/io.modelcontextprotocol.sdk:mcp-core
 Java-SDK has a DNS Rebinding Vulnerability 2 days ago
  • Fix available
  • Severity - 7.6 (High)
GHSA-fh34-c629-p8xj
  • Maven/org.apache.cassandra:cassandra-all
 Apache Cassandra has sensitive Information Leak in cqlsh 3 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-qffm-gf3j-6mvg
  • Maven/org.apache.cassandra:cassandra-all
 Apache Cassandra has an authenticated DoS over CQL 3 days ago
  • Fix available
  • Severity - 2.3 (Low)
GHSA-qxpc-96fq-wwmg
  • Maven/org.apache.cassandra:cassandra-all
 Apache Cassandra is vulnerable to privilege escalation in an mTLS environment using MutualTlsAuthenticator 3 days ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-2cqq-rpvq-g5qj
  • Maven/org.openidentityplatform.openam:openam
 OpenIdentityPlatform OpenAM: Pre-Authentication Remote Code Execution via `jato.clientSession` Deserialization in OpenAM 3 days ago
  • Fix available
  • Severity - 9.3 (Critical)
Load more...