Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2022-39399 |
|
Vulnerability in java (CVE-2022-39399)
vulnerability in java (CVE-2022-39399). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.17, 17.0.5, 19.0.1` or later.
|
| CVE-2022-21619 |
|
Vulnerability in java (CVE-2022-21619)
vulnerability in java (CVE-2022-21619). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.351, 11.0.17, 17.0.5, 19.0.1` or later.
|
| CVE-2022-21618 |
|
Authentication Bypass in java (CVE-2022-21618)
authentication bypass in java (CVE-2022-21618). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.0.5, 19.0.1` or later.
|
| CVE-2022-21366 |
|
Vulnerability in java (CVE-2022-21366)
vulnerability in java (CVE-2022-21366). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.14, 17.0.2` or later.
|
| CVE-2022-21360 |
|
Vulnerability in java (CVE-2022-21360)
vulnerability in java (CVE-2022-21360). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21341 |
|
Unsafe Deserialization in java (CVE-2022-21341)
vulnerability in java (CVE-2022-21341). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21340 |
|
Vulnerability in java (CVE-2022-21340)
vulnerability in java (CVE-2022-21340). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21305 |
|
Vulnerability in java (CVE-2022-21305)
vulnerability in java (CVE-2022-21305). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21299 |
|
Vulnerability in java (CVE-2022-21299)
vulnerability in java (CVE-2022-21299). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21296 |
|
Information Disclosure in java (CVE-2022-21296)
vulnerability in java (CVE-2022-21296). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21294 |
|
Vulnerability in java (CVE-2022-21294)
vulnerability in java (CVE-2022-21294). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21293 |
|
Vulnerability in java (CVE-2022-21293)
vulnerability in java (CVE-2022-21293). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21291 |
|
Vulnerability in java (CVE-2022-21291)
vulnerability in java (CVE-2022-21291). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21283 |
|
Vulnerability in java (CVE-2022-21283)
vulnerability in java (CVE-2022-21283). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.14, 17.0.2` or later.
|
| CVE-2022-21282 |
|
XXE (XML External Entity) in java (CVE-2022-21282)
vulnerability in java (CVE-2022-21282). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21277 |
|
Vulnerability in java (CVE-2022-21277)
vulnerability in java (CVE-2022-21277). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.14, 17.0.2` or later.
|
| CVE-2021-35556 |
|
Vulnerability in java (CVE-2021-35556)
vulnerability in java (CVE-2021-35556). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.321, 8.0.311, 11.0.13, 17.0.1` or later.
|
| CVE-2023-38545 |
|
Out-of-Bounds Write in haxx (CVE-2023-38545)
out-of-bounds write in haxx (CVE-2023-38545). Successful exploitation can lead to full system takeover.
|
| CVE-2022-21624 |
|
Unsafe Deserialization in c (CVE-2022-21624)
vulnerability in c (CVE-2022-21624). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-21626 |
|
Vulnerability in c (CVE-2022-21626)
vulnerability in c (CVE-2022-21626). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-35278 |
|
Cross-Site Scripting (XSS) in org.apache.activemq:artemis-server (CVE-2022-35278)
cross-site scripting in org.apache.activemq:artemis-server (CVE-2022-35278). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.24.0` or later.
|
| CVE-2022-23913 |
|
Vulnerability in org.apache.activemq:artemis-core-client (CVE-2022-23913)
vulnerability in org.apache.activemq:artemis-core-client (CVE-2022-23913). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.19.1` or later.
|
| CVE-2021-22926 |
|
Vulnerability in haxx (CVE-2021-22926)
vulnerability in haxx (CVE-2021-22926). Risk of unauthorized operations or information disclosure. Exploitable via ``CURLOPT_SSLCERT``.
|
| CVE-2021-3522 |
|
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
|
| CVE-2021-26118 |
|
Vulnerability in org.apache.activemq:artemis-openwire-protocol (CVE-2021-26118)
vulnerability in org.apache.activemq:artemis-openwire-protocol (CVE-2021-26118). Data can be tampered with by attackers. Mitigation: upgrade to `2.16.0` or later.
|
| CVE-2021-26117 |
|
Authentication Bypass in apache (CVE-2021-26117)
authentication bypass in apache (CVE-2021-26117). Data can be tampered with by attackers.
|
| CVE-2020-1971 |
|
Vulnerability in dos (CVE-2020-1971)
vulnerability in dos (CVE-2020-1971). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-10727 |
|
Vulnerability in org.apache.activemq:artemis-commons (CVE-2020-10727)
vulnerability in org.apache.activemq:artemis-commons (CVE-2020-10727). Confidential information can be exposed externally. Exploitable via ``resetUsers``. Mitigation: upgrade to `2.13.0` or later.
|
| CVE-2019-17571 |
|
Unsafe Deserialization in log4j:log4j (CVE-2019-17571)
vulnerability in log4j:log4j (CVE-2019-17571). Successful exploitation can lead to full system takeover.
|
| CVE-2019-16168 |
|
Vulnerability in c (CVE-2019-16168)
vulnerability in c (CVE-2019-16168). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-13118 |
|
Vulnerability in nokogiri (CVE-2019-13118)
vulnerability in nokogiri (CVE-2019-13118). Confidential information can be exposed externally. Exploitable via ``numbers.c``. Mitigation: upgrade to `1.10.5` or later.
|
| CVE-2019-11068 |
|
Vulnerability in nokogiri (CVE-2019-11068)
vulnerability in nokogiri (CVE-2019-11068). Successful exploitation can lead to full system takeover. Exploitable via ``xsltCheckRead``. Mitigation: upgrade to `1.10.3` or later.
|
| CVE-2019-7317 |
|
Use-After-Free in c (CVE-2019-7317)
vulnerability in c (CVE-2019-7317). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-8610 |
|
Vulnerability in dos (CVE-2016-8610)
vulnerability in dos (CVE-2016-8610). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10388 |
|
Vulnerability in c (CVE-2017-10388)
vulnerability in c (CVE-2017-10388). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10384 |
|
Vulnerability in c (CVE-2017-10384)
vulnerability in c (CVE-2017-10384). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10379 |
|
Authorization Flaw in c (CVE-2017-10379)
vulnerability in c (CVE-2017-10379). Confidential information can be exposed externally.
|
| CVE-2017-10378 |
|
Vulnerability in c (CVE-2017-10378)
vulnerability in c (CVE-2017-10378). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10357 |
|
Vulnerability in c (CVE-2017-10357)
vulnerability in c (CVE-2017-10357). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10365 |
|
Vulnerability in c (CVE-2017-10365)
vulnerability in c (CVE-2017-10365). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10356 |
|
Vulnerability in c (CVE-2017-10356)
vulnerability in c (CVE-2017-10356). Confidential information can be exposed externally.
|
| CVE-2017-10355 |
|
Vulnerability in c (CVE-2017-10355)
vulnerability in c (CVE-2017-10355). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10350 |
|
Vulnerability in c (CVE-2017-10350)
vulnerability in c (CVE-2017-10350). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10349 |
|
Vulnerability in c (CVE-2017-10349)
vulnerability in c (CVE-2017-10349). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10348 |
|
Vulnerability in c (CVE-2017-10348)
vulnerability in c (CVE-2017-10348). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10347 |
|
Vulnerability in c (CVE-2017-10347)
vulnerability in c (CVE-2017-10347). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10346 |
|
Vulnerability in c (CVE-2017-10346)
vulnerability in c (CVE-2017-10346). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10345 |
|
Vulnerability in c (CVE-2017-10345)
vulnerability in c (CVE-2017-10345). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10320 |
|
Vulnerability in c (CVE-2017-10320)
vulnerability in c (CVE-2017-10320). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10295 |
|
Vulnerability in c (CVE-2017-10295)
vulnerability in c (CVE-2017-10295). Risk of unauthorized operations or information disclosure.
|