Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-cx25-xg7c-xfm5
  • Maven/org.apache.struts:struts-extras
Apache Struts Extras Before 2 has an Improper Output Neutralization for Logs Vulnerability
Published: 8 hours ago
  • No fix available
  • Severity - 6.5 (Medium)
GHSA-27gp-8389-hm4w
  • Maven/org.keycloak:keycloak-services
Keycloak Privilege Escalation Vulnerability in Admin Console (FGAPv2 Enabled)
Published: 14 hours ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-xhpr-465j-7p9q
  • Maven/org.keycloak:keycloak-services
Keycloak phishing attack via email verification step in first login flow
Published: 14 hours ago
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-j63h-hmgw-x4j7
  • Maven/org.opencastproject:opencast-common
  • Maven/org.opencastproject:opencast-ingest-service-impl
  • Maven/org.opencastproject:opencast-kernel
  • Maven/org.opencastproject:opencast-publication-service-oaipmh-remote
Opencast still publishes global system account credentials
Published: 5 days ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-p9qm-p942-q3w5
  • Maven/org.xwiki.platform:xwiki-platform-oldcore
XWiki Platform vulnerable to SQL injection through XWiki#searchDocuments API
Published: 5 days ago
  • Fix available
  • Severity - 8.6 (High)
GHSA-vr59-gm53-v7cq
  • Maven/org.xwiki.platform:xwiki-platform-distribution-war
XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter
Published: 6 days ago
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-jq2c-m8gg-mqcm
  • Maven/org.apache.jena:jena-fuseki
Apache Jena allows users with administrator access to create databases files outside the files area of the Fuseki server
Published: 21 Jul
  • Fix available
  • Severity - 4.9 (Medium)
GHSA-xg9p-p463-3qjp
  • Maven/org.apache.jena:jena
Apache Jena doesn't validate file access paths in configuration files uploaded by users with administrator access
Published: 21 Jul
  • Fix available
  • Severity - 7.2 (High)
GHSA-f8vw-8vgh-22r9
  • Maven/com.xuxueli:xxl-job-core
XXL-JOB is vulnerable to SSRF attacks
Published: 18 Jul
  • No fix available
  • Severity - 2.1 (Low)
GHSA-f7h5-c625-3795
  • Maven/org.glassfish.main.admingui:console-common
Eclipse GlassFish is vulnerable to Server Side Request Forgery attacks through specific endpoints
Published: 16 Jul
  • No fix available
  • Severity - 8.9 (High)
GHSA-62g9-99m7-w8wv
  • Maven/org.glassfish.main.admingui:console-cluster-plugin
Eclipse GlassFish is vulnerable to Stored XSS attacks through its Administration Console
Published: 16 Jul
  • No fix available
  • Severity - 6.1 (Medium)
GHSA-99f7-hp6j-v6q4
  • Maven/org.glassfish.main.admingui:console-common
Eclipse GlassFish is vulnerable to Login Brute Force attacks through unlimited failed login attempts
Published: 16 Jul
  • No fix available
  • Severity - 6.3 (Medium)
GHSA-hp97-5x6g-q538
  • Maven/org.glassfish.main.admingui:console-common
Eclipse GlassFish is vulnerable to Stored XSS attacks through configuration file modifications
Published: 16 Jul
  • No fix available
  • Severity - 5.8 (Medium)
GHSA-mqxx-c43h-jj9v
  • Maven/org.glassfish.main.admingui:console-common
Eclipse GlassFish is vulnerable to Stored XSS attacks through its Administration Console
Published: 16 Jul
  • No fix available
  • Severity - 6.1 (Medium)
GHSA-vqrm-83g6-pfv4
  • Maven/org.glassfish.main.admingui:console-common
  • Maven/org.glassfish.main.admingui:console-cluster-plugin
Eclipse GlassFish is vulnerable to Reflected XSS attacks through its Administration Console
Published: 16 Jul
  • No fix available
  • Severity - 4.5 (Medium)
GHSA-4q2v-9p7v-3v22
  • Maven/io.projectreactor.netty:reactor-netty-http
Reactor Netty HTTP is vulnerable to credential leaks during chained redirects
Published: 16 Jul
  • Fix available
  • Severity - 6.1 (Medium)