CVE-2024-6119

all versions

Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to rea

7.5HIGH

CVE-2024-39689

all versions

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the id

7.5HIGH

CVE-2024-26462

all versions

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.

5.5MEDIUM

CVE-2024-26461

all versions

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.

7.5HIGH

CVE-2024-26458

all versions

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.

5.3MEDIUM

CVE-2023-2975

all versions

Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are u

5.3MEDIUM

CVE-2022-2048

all versions

In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can

7.5HIGH

CVE-2022-2047

all versions

In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority

2.7LOW

CVE-2021-3733

all versions

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (s

6.5MEDIUM

CVE-2021-22096

all versions

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide

4.3MEDIUM

CVE-2021-32765

all versions

Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow

8.8HIGH

CVE-2021-41099

all versions

Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be

7.5HIGH

CVE-2021-41079

all versions

Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tom

7.5HIGH

CVE-2021-37714

all versions

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vu

7.5HIGH

CVE-2021-26987

< 2.17.56

Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible

9.8CRITICAL

CVE-2019-10219

all versions

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting

6.1MEDIUM