Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
SUSE-SU-2026:1742-1 Vulnerability in dos (SUSE-SU-2026:1742-1)
vulnerability in dos (SUSE-SU-2026:1742-1). Risk of unauthorized operations or information disclosure. Exploitable via ``setContext``.
SUSE-SU-2026:1741-1 Vulnerability in privilege-escalation (SUSE-SU-2026:1741-1)
vulnerability in privilege-escalation (SUSE-SU-2026:1741-1). Risk of unauthorized operations or information disclosure.
SUSE-SU-2026:1740-1 Vulnerability in django (SUSE-SU-2026:1740-1)
vulnerability in django (SUSE-SU-2026:1740-1). Risk of unauthorized operations or information disclosure. Exploitable via ``ASGIRequest``.
CVE-2026-40982 Path Traversal in org.springframework.cloud:spring-cloud-config-server (CVE-2026-40982)
path traversal in org.springframework.cloud:spring-cloud-config-server (CVE-2026-40982). Confidential information can be exposed externally. Mitigation: upgrade to `5.0.3` or later.
CVE-2026-44513 Code Injection in diffusers (CVE-2026-44513)
code injection in diffusers (CVE-2026-44513). Successful exploitation can lead to full system takeover. Exploitable via ``trust_remote_code``. Mitigation: upgrade to `0.38.0` or later.
CVE-2026-42216 Out-of-Bounds Read in openexr (CVE-2026-42216)
vulnerability in openexr (CVE-2026-42216). Confidential information can be exposed externally. Exploitable via ``c13e0e1320a6652e02c5c90c6dbd984d532efe44``.
CVE-2026-42217 Vulnerability in openexr (CVE-2026-42217)
vulnerability in openexr (CVE-2026-42217). Successful exploitation can lead to full system takeover. Exploitable via ``ImfIDManifest.cpp``.
CVE-2026-40004 Vulnerability in privilege-escalation (CVE-2026-40004)
vulnerability in privilege-escalation (CVE-2026-40004). Confidential information can be exposed externally.
CVE-2026-44827 Code Injection in diffusers (CVE-2026-44827)
code injection in diffusers (CVE-2026-44827). Successful exploitation can lead to full system takeover. Exploitable via ``DiffusionPipeline.from_pretrained``. Mitigation: upgrade to `0.38.0` or later.
SUSE-SU-2026:1732-1 Vulnerability in dos (SUSE-SU-2026:1732-1)
vulnerability in dos (SUSE-SU-2026:1732-1). Risk of unauthorized operations or information disclosure. Exploitable via ``tt_var_load_item_variation_store``.
SUSE-SU-2026:1731-1 Vulnerability in dos (SUSE-SU-2026:1731-1)
vulnerability in dos (SUSE-SU-2026:1731-1). Risk of unauthorized operations or information disclosure. Exploitable via ``tt_var_load_item_variation_store``.
CVE-2026-6973 KEV [KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973)
vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-44240 Vulnerability in basic-ftp (CVE-2026-44240)
vulnerability in basic-ftp (CVE-2026-44240). Risk of unauthorized operations or information disclosure. Exploitable via ``FtpContext._partialResponse``. Mitigation: upgrade to `5.3.1` or later.
CVE-2026-29080 SQL Injection in rucio (CVE-2026-29080)
SQL injection in rucio (CVE-2026-29080). Successful exploitation can lead to full system takeover. Exploitable via `GET /dids/`. Mitigation: upgrade to `40.1.1` or later.
CVE-2026-20035 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-20035)
SSRF in ssrf (CVE-2026-20035). Risk of unauthorized operations or information disclosure.
CVE-2026-33079 Vulnerability in mistune (CVE-2026-33079)
vulnerability in mistune (CVE-2026-33079). Risk of unauthorized operations or information disclosure. Exploitable via ``LINK_TITLE_RE``. Mitigation: upgrade to `3.2.1` or later.
CVE-2026-29090 SQL Injection in rucio (CVE-2026-29090)
SQL injection in rucio (CVE-2026-29090). Successful exploitation can lead to full system takeover. Exploitable via `GET /dids/`. Mitigation: upgrade to `40.1.1` or later.
CVE-2026-34282 Vulnerability in java (CVE-2026-34282)
vulnerability in java (CVE-2026-34282). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
CVE-2026-22021 Vulnerability in java (CVE-2026-22021)
vulnerability in java (CVE-2026-22021). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
CVE-2026-22003 Vulnerability in java (CVE-2026-22003)
vulnerability in java (CVE-2026-22003). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2026-21945 Vulnerability in java (CVE-2026-21945)
vulnerability in java (CVE-2026-21945). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
CVE-2025-7424 Vulnerability in java (CVE-2025-7424)
vulnerability in java (CVE-2025-7424). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
CVE-2025-30752 Vulnerability in java (CVE-2025-30752)
vulnerability in java (CVE-2025-30752). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `24.0.2` or later.
CVE-2024-47776 Out-of-Bounds Read in java (CVE-2024-47776)
vulnerability in java (CVE-2024-47776). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
CVE-2024-47775 Out-of-Bounds Read in java (CVE-2024-47775)
vulnerability in java (CVE-2024-47775). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
CVE-2024-21217 Vulnerability in java (CVE-2024-21217)
vulnerability in java (CVE-2024-21217). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.431, 11.0.25, 17.0.13, 21.0.5, 23.0.1` or later.
CVE-2024-21208 Vulnerability in java (CVE-2024-21208)
vulnerability in java (CVE-2024-21208). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.431, 11.0.25, 17.0.13, 21.0.5, 23.0.1` or later.
CVE-2024-21144 Vulnerability in java (CVE-2024-21144)
vulnerability in java (CVE-2024-21144). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.421, 11.0.24` or later.
CVE-2024-21138 Vulnerability in java (CVE-2024-21138)
vulnerability in java (CVE-2024-21138). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.421, 11.0.24, 17.0.12, 21.0.4, 22.0.2` or later.
CVE-2024-21085 Vulnerability in java (CVE-2024-21085)
vulnerability in java (CVE-2024-21085). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.411, 11.0.23` or later.
CVE-2024-21011 Vulnerability in java (CVE-2024-21011)
vulnerability in java (CVE-2024-21011). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.411, 11.0.23, 17.0.11, 21.0.3, 22.0.1` or later.
CVE-2023-22036 Vulnerability in java (CVE-2023-22036)
vulnerability in java (CVE-2023-22036). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.20, 17.0.8, 20.0.2` or later.
CVE-2023-21967 Vulnerability in java (CVE-2023-21967)
vulnerability in java (CVE-2023-21967). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.371, 11.0.19, 17.0.7, 20.0.1` or later.
CVE-2023-21835 Vulnerability in java (CVE-2023-21835)
vulnerability in java (CVE-2023-21835). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.18, 17.0.5, 19.0.2` or later.
CVE-2022-21628 Vulnerability in java (CVE-2022-21628)
vulnerability in java (CVE-2022-21628). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.351, 11.0.17, 17.0.5, 19.0.1` or later.
CVE-2022-21426 Vulnerability in java (CVE-2022-21426)
vulnerability in java (CVE-2022-21426). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.341, 8.0.331, 11.0.15, 17.0.3, 18.0.1` or later.
CVE-2022-21366 Vulnerability in java (CVE-2022-21366)
vulnerability in java (CVE-2022-21366). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.14, 17.0.2` or later.
CVE-2022-21365 Vulnerability in java (CVE-2022-21365)
vulnerability in java (CVE-2022-21365). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
CVE-2022-21360 Vulnerability in java (CVE-2022-21360)
vulnerability in java (CVE-2022-21360). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
CVE-2022-21341 Unsafe Deserialization in java (CVE-2022-21341)
vulnerability in java (CVE-2022-21341). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
CVE-2022-21340 Vulnerability in java (CVE-2022-21340)
vulnerability in java (CVE-2022-21340). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
CVE-2022-21299 Vulnerability in java (CVE-2022-21299)
vulnerability in java (CVE-2022-21299). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
CVE-2022-21294 Vulnerability in java (CVE-2022-21294)
vulnerability in java (CVE-2022-21294). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
CVE-2022-21293 Vulnerability in java (CVE-2022-21293)
vulnerability in java (CVE-2022-21293). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
CVE-2022-21283 Vulnerability in java (CVE-2022-21283)
vulnerability in java (CVE-2022-21283). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.14, 17.0.2` or later.
CVE-2022-21277 Vulnerability in java (CVE-2022-21277)
vulnerability in java (CVE-2022-21277). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.14, 17.0.2` or later.
CVE-2022-21271 Vulnerability in java (CVE-2022-21271)
vulnerability in java (CVE-2022-21271). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14` or later.
CVE-2021-35586 Vulnerability in java (CVE-2021-35586)
vulnerability in java (CVE-2021-35586). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.321, 8.0.311, 11.0.13, 17.0.1` or later.
CVE-2021-35578 Vulnerability in java (CVE-2021-35578)
vulnerability in java (CVE-2021-35578). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.311, 11.0.13, 17.0.1` or later.
CVE-2021-35561 Vulnerability in java (CVE-2021-35561)
vulnerability in java (CVE-2021-35561). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.321, 8.0.311, 11.0.13, 17.0.1` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →