Skip to main content

Java

3270 CVEs product

Monthly

CVE-2025-8814 LOW POC PATCH Monitor

A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic.java. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Java
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-8813 LOW POC PATCH Monitor

A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as problematic. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Open Redirect Java
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-8755 MEDIUM POC This Month

A vulnerability was found in macrozheng mall up to 1.0.3 and classified as problematic.java of the component com.macro.mall.portal.controller. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Java Mall
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-8752 MEDIUM POC This Month

A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Java
NVD VulDB
CVSS 4.0
5.5
EPSS
0.3%
CVE-2025-8738 MEDIUM This Month

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-8737 LOW Monitor

A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Open Redirect Java
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-8708 LOW POC Monitor

A vulnerability was found in Antabot White-Jotter 0.22. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Deserialization Java
NVD GitHub VulDB
CVSS 4.0
1.3
EPSS
0.1%
CVE-2025-8549 LOW POC PATCH Monitor

A vulnerability was found in atjiu pybbs up to 6.0.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Brute Force Java
NVD GitHub VulDB
CVSS 4.0
2.9
EPSS
0.1%
CVE-2025-8548 LOW POC PATCH Monitor

A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic.java of the component Registered Email Handler. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.9
EPSS
0.1%
CVE-2025-8529 LOW Monitor

A vulnerability classified as critical was found in cloudfavorites favorites-web up to 1.3.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java SSRF
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-8527 LOW POC Monitor

A vulnerability was found in Exrick xboot up to 3.3.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java SSRF
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-8526 LOW POC Monitor

A vulnerability was found in Exrick xboot up to 3.3.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass File Upload Java
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-8525 MEDIUM POC This Month

A vulnerability was found in Exrick xboot up to 3.3.4. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java Information Disclosure Xboot Spring
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-8344 LOW POC Monitor

Unrestricted file upload in OpenViglet Shio through version 0.3.8 allows authenticated remote attackers to upload arbitrary files via manipulation of the filename parameter in the ShStaticFileAPI.shStaticFileUpload function. The vulnerability requires valid authentication credentials but lacks proper input validation on uploaded filenames, enabling arbitrary file placement on the server. Publicly available exploit code exists, though EPSS score remains low at 0.11% (28th percentile), suggesting limited real-world exploitation despite public disclosure.

Java Authentication Bypass File Upload Shio
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-8343 LOW POC Monitor

Path traversal in OpenViglet Shio up to version 0.3.8 allows authenticated remote attackers to read arbitrary files by manipulating the fileName parameter in the shStaticFilePreUpload API endpoint. The vulnerability has low practical impact (CVSS 2.1, EPSS 0.22%) despite being rated critical in severity classification, as it requires prior authentication and provides only limited confidentiality exposure. Public exploit code is available.

Java Path Traversal Shio
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.2%
CVE-2025-8211 LOW POC Monitor

Roothub versions up to 2.6 contain a reflected cross-site scripting (XSS) vulnerability in the SystemConfigAdminController Edit function that allows authenticated users to inject malicious scripts via the web interface. The vulnerability requires user interaction (clicking a malicious link) and authenticated access, limiting its practical impact despite network-accessible delivery. Publicly available exploit code exists, though real-world exploitation risk is low given the EPSS score of 0.06% and the authentication barrier.

Java XSS Roothub
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-7935 LOW POC Monitor

SQL injection in the SysLogController of fuyang_lipengjun platform allows authenticated remote attackers to execute arbitrary SQL queries via the key parameter, with publicly available exploit code disclosed. Despite a critical classification, the CVSS 4.0 score of 2.1 and low EPSS percentile (22%) indicate limited real-world impact due to requirement for prior authentication and low confidentiality/integrity scope; however, the public exploit and authenticated network access vector warrant monitoring.

SQLi Java Platform
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7934 LOW POC Monitor

SQL injection in fuyang_lipengjun platform allows authenticated remote attackers to execute arbitrary SQL queries via the beanName parameter in the queryPage function of ScheduleJobController.java. The CVSS score of 2.1 reflects limited confidentiality and integrity impact with authentication required, though publicly available exploit code exists. EPSS score of 0.07% (percentile 22%) suggests low real-world exploitation probability despite public POC availability.

SQLi Java Platform
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7906 LOW POC Monitor

RuoYi versions up to 4.8.1 allow authenticated users to upload files without restriction via the CommonController.uploadFile function, enabling arbitrary file upload. The vulnerability requires valid credentials (PR:L per CVSS vector) but permits remote exploitation with low complexity. Public exploit code exists; however, EPSS score of 0.05% (15th percentile) suggests minimal real-world exploitation despite public disclosure, indicating the threat is constrained by authentication requirements or other practical barriers.

Java Authentication Bypass File Upload Ruoyi
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-7888 LOW POC Monitor

SQL injection in TDuckCloud tduck-platform 5.1 allows authenticated remote attackers to manipulate the formKey parameter in the UserFormDataMapper function, enabling unauthorized database queries with limited confidentiality and integrity impact. Publicly available exploit code exists, and the vendor has not responded to early disclosure notification.

SQLi Java Tduck Platform
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7865 LOW POC PATCH Monitor

Stored cross-site scripting (XSS) in JeeSite's xssFilter function allows authenticated users to inject malicious scripts via the text parameter in EncodeUtils.java, affecting versions up to 5.12.0. The vulnerability requires user interaction to trigger payload execution and has publicly available exploit code. With EPSS score of 0.07% and CVSS 2.0, exploitation likelihood is low despite public disclosure, but remediation is straightforward via vendor patch.

Java XSS Jeesite
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-7864 LOW POC PATCH Monitor

Unrestricted file upload in JeeSite up to version 5.12.0 allows authenticated remote attackers to upload arbitrary files via the FileUploadController, potentially leading to remote code execution or data exfiltration. The vulnerability has a publicly disclosed proof-of-concept and is classified as critical despite a low CVSS 4.0 score of 2.1, indicating that the CVSS vector (requiring authenticated access and limited scope of impact) does not fully reflect the practical severity of unrestricted file upload capabilities in a web application context.

Java Authentication Bypass File Upload Jeesite
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7789 Maven LOW POC PATCH Monitor

Token generation in Xuxueli xxl-job up to version 3.1.1 uses password hashing with insufficient computational effort (weak bcrypt configuration or equivalent), allowing attackers to crack authentication tokens through brute force. The vulnerability affects the makeToken function in IndexController.java and has low practical impact (confidentiality impact only, no integrity or availability damage), but exploitation requires high attack complexity and is not known to be actively exploited at scale despite public disclosure of the vulnerability.

Information Disclosure Java Xxl Job
NVD GitHub VulDB
CVSS 4.0
2.9
EPSS
0.0%
CVE-2025-7785 LOW POC PATCH Monitor

Open redirect in JeeSite's SSO controller allows remote attackers to redirect users to arbitrary external URLs by manipulating the redirect parameter, exploiting user trust to facilitate phishing or credential theft attacks. Affects JeeSite up to version 5.12.0. Publicly available exploit code exists and requires user interaction (clicking a malicious link), but no active exploitation in the wild has been confirmed. CVSS score is low (2.1) due to UI requirement and limited impact, though EPSS (0.11%) indicates minimal real-world exploitation probability.

Java Open Redirect Jeesite
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7763 LOW POC PATCH Monitor

Open redirect vulnerability in JeeSite up to version 5.12.0 allows unauthenticated remote attackers to redirect users to arbitrary external websites via a crafted redirect parameter in the Site Controller select function. The vulnerability requires user interaction (clicking a malicious link) but carries low integrity impact through browser-based redirection. Publicly available exploit code exists, and a patch is available from the vendor; however, the EPSS score of 0.11% indicates low real-world exploitation probability despite public disclosure.

Java Open Redirect Jeesite
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7759 LOW POC PATCH Monitor

Server-side request forgery (SSRF) in thinkgem JeeSite up to version 5.12.0 allows authenticated remote attackers to manipulate the Source argument in the UEditor Image Grabber component (ActionEnter.java), enabling arbitrary HTTP requests from the vulnerable server with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, and a patch has been released by the vendor.

Java SSRF Jeesite
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-53639 CRITICAL PATCH Act Now

CVE-2025-53639 is a critical SQL injection vulnerability in MeterSphere's API sorting functionality where the sortField parameter lacks proper input validation and sanitization. All versions prior to 3.6.5-lts are affected, allowing unauthenticated remote attackers to execute arbitrary SQL statements and completely compromise database integrity, availability, and confidentiality. This is a network-exploitable vulnerability with no authentication required and high real-world risk.

SQLi Java Metersphere
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2024-51768 HIGH PATCH This Week

CVE-2024-51768 is a remote code execution vulnerability in HPE AutoPass License Server (APLS) versions prior to 9.17, stemming from unsafe deserialization in the embedded HSQLDB database library. An authenticated attacker with local network access can execute arbitrary code with the privileges of the APLS service, potentially leading to complete system compromise. The vulnerability has a CVSS score of 8.0 and represents a significant risk to organizations using affected APLS versions, particularly given the authentication requirement is modest (PR:L) and the attack complexity is low.

RCE HP Java Autopass License Server
NVD
CVSS 3.1
8.0
EPSS
0.4%
CVE-2025-53689 Maven HIGH PATCH This Week

Apache Jackrabbit versions prior to 2.23.2 contain blind XXE (XML External Entity) vulnerabilities in jackrabbit-spi-commons and jackrabbit-core components due to unsafe XML document parsing when loading privilege definitions. An authenticated attacker with low privileges can exploit this to achieve high-impact confidentiality, integrity, and availability compromise. The vulnerability requires user authentication (PR:L) but has no interaction requirement and affects all systems regardless of scope.

XXE Apache Java Information Disclosure Jackrabbit +1
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-7566 LOW POC Monitor

A vulnerability has been found in jshERP up to 3.5 and classified as critical. This vulnerability affects the function exportExcelByParam of the file /src/main/java/com/jsh/erp/controller/SystemConfigController.java. The manipulation of the argument Title leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.3%
CVE-2025-7552 MEDIUM This Month

A remote code execution vulnerability in Dromara Northstar (CVSS 6.3). Remediation should follow standard vulnerability management procedures.

Information Disclosure Java
NVD VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-53506 Maven HIGH PATCH This Week

A remote code execution vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Apache Tomcat Denial Of Service Java Red Hat +1
NVD HeroDevs GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-52520 Maven HIGH PATCH This Week

CVE-2025-52520 is an integer overflow vulnerability in Apache Tomcat's multipart upload handling that allows unauthenticated remote attackers to bypass size limits and trigger denial of service. The vulnerability affects Tomcat versions 11.0.0-M1 through 11.0.8, 10.1.0-M1 through 10.1.42, 9.0.0.M1 through 9.0.106, and EOL version 8.5.0 through 8.5.100, requiring only network access with no authentication. With a CVSS score of 7.5 (High severity) and an attack vector rated as Network/Low complexity, this represents a significant availability risk for unpatched deployments.

Apache Tomcat Integer Overflow Java Denial Of Service +2
NVD HeroDevs GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-52434 Maven HIGH PATCH This Week

Apache Tomcat contains a race condition vulnerability in the APR/Native connector that can be triggered during concurrent HTTP/2 connection handling, particularly when clients initiate connection closes. The vulnerability affects Tomcat 9.0.0.M1 through 9.0.106 (and EOL versions 8.5.0-8.5.100), allowing remote unauthenticated attackers to cause denial of service through improper synchronization of shared resources. With a CVSS score of 7.5 and network-accessible attack vector requiring no authentication, this represents a high-severity availability impact, though no active public exploitation has been confirmed.

Apache Race Condition Tomcat Java Denial Of Service +2
NVD HeroDevs GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-42978 LOW Monitor

CVE-2025-42978 is a security vulnerability (CVSS 3.5). Remediation should follow standard vulnerability management procedures.

SAP Information Disclosure Java
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-42966 CRITICAL Act Now

SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an insecure Java deserialization vulnerability by sending a specially crafted serialized Java object. This could lead to high impact on confidentiality, integrity, and availability of the application.

Deserialization SAP Java
NVD
CVSS 3.1
9.1
EPSS
0.2%
CVE-2025-42963 CRITICAL Act Now

A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can lead to full operating system compromise, granting attackers complete control over the affected system. This results in a severe impact on the confidentiality, integrity, and availability of the application and host environment.

Deserialization SAP Java
NVD
CVSS 3.1
9.1
EPSS
0.2%
CVE-2025-7108 LOW POC Monitor

A vulnerability classified as critical was found in risesoft-y9 Digital-Infrastructure up to 9.6.7. Affected by this vulnerability is the function deleteFile of the file /Digital-Infrastructure-9.6.7/y9-digitalbase-webapp/y9-module-filemanager/risenet-y9boot-webapp-filemanager/src/main/java/net/risesoft/y9public/controller/Y9FileController.java. The manipulation of the argument fullPath leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-53602 Maven MEDIUM This Month

A security vulnerability in Zipkin through 3.5.1 (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Information Disclosure Java
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-34067 CRITICAL Act Now

An unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an attacker to trigger Fastjson's auto-type feature to load arbitrary Java classes. By referencing a malicious class via an LDAP URL, an attacker can achieve remote code execution on the underlying system. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

Deserialization RCE Java Hikvision
NVD GitHub
CVSS 4.0
10.0
EPSS
2.7%
CVE-2025-53103 Maven MEDIUM PATCH This Month

A security vulnerability in JUnit (CVSS 5.8). Remediation should follow standard vulnerability management procedures.

Information Disclosure Java Ubuntu Debian Red Hat +1
NVD GitHub
CVSS 3.1
5.8
EPSS
0.0%
CVE-2025-6925 MEDIUM POC This Month

A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Path Traversal Ruoyi Vue Plus
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-26074 Maven CRITICAL PATCH Act Now

Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes.

Java Command Injection
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-5878 MEDIUM PATCH This Month

A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue affects the interface Encoder.encodeForSQL of the SQL Injection Defense. An attack leads to an improper neutralization of special elements. The attack may be initiated remotely and an exploit has been disclosed to the public. The project was contacted early about this issue and handled it with an exceptional level of professionalism. Upgrading to version 2.7.0.0 is able to address this issue. Commit ID f75ac2c2647a81d2cfbdc9c899f8719c240ed512 is disabling the feature by default and any attempt to use it will trigger a warning. And commit ID e2322914304d9b1c52523ff24be495b7832f6a56 is updating the misleading Java class documentation to warn about the risks.

Java SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.2%
CVE-2025-53393 Maven MEDIUM PATCH This Month

In Akka through 2.10.6, akka-cluster-metrics uses Java serialization for cluster metrics.

Deserialization Java
NVD GitHub
CVSS 3.1
6.0
EPSS
0.1%
CVE-2025-49003 CRITICAL POC PATCH Act Now

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, a threat actor may take advantage of a feature in Java in which the character "ı" becomes "I" when converted to uppercase, and the character "ſ" becomes "S" when converted to uppercase. A threat actor who uses a carefully crafted message that exploits this character conversion can cause remote code execution. The vulnerability has been fixed in v2.10.11. No known workarounds are available.

RCE Java Dataease
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2025-36038 CRITICAL Act Now

IBM WebSphere Application Server (WAS) versions 8.5 and 9.0 are vulnerable to remote code execution through deserialization of untrusted serialized objects, allowing unauthenticated network attackers to execute arbitrary code with high confidence despite moderate attack complexity. This is a critical Java deserialization vulnerability (CWE-502) affecting enterprise application servers in widespread use; exploitation status and EPSS probability are not yet public but the CVSS 9.0 score and network-accessible attack vector indicate this is a priority concern for organizations running affected WAS versions.

Deserialization RCE IBM Java Websphere Application Server
NVD
CVSS 3.1
9.0
EPSS
0.4%
CVE-2025-52888 Maven HIGH PATCH This Week

Allure 2 versions prior to 2.34.1 contain a critical XML External Entity (XXE) injection vulnerability in the xunit-xml-plugin that allows unauthenticated remote attackers to read arbitrary files from the server's filesystem and potentially trigger SSRF attacks. The vulnerability stems from insecure XML parser configuration in the DocumentBuilderFactory and is exploitable by uploading or providing malicious test result XML files without any authentication or user interaction required.

XXE SSRF Information Disclosure Java
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-2566 CRITICAL PATCH Act Now

CVE-2025-2566 is an unsafe Java deserialization vulnerability in Kaleris NAVIS N4 ULC that allows unauthenticated attackers to execute arbitrary code on affected servers through specially crafted requests. The vulnerability affects Kaleris NAVIS N4 Ultra Light Client installations and presents critical risk due to its network-accessible attack vector, lack of authentication requirements, and remote code execution impact. Given the CVSS 9.3 score and unauthenticated attack surface, this should be treated as a priority vulnerability for organizations running affected versions.

Deserialization RCE Java
NVD
CVSS 4.0
9.3
EPSS
0.7%
CVE-2025-6552 LOW POC Monitor

A vulnerability was found in java-aodeng Hope-Boot 1.0.0. It has been classified as problematic. Affected is the function doLogin of the file /src/main/java/com/hope/controller/WebController.java of the component Login. The manipulation of the argument redirect_url leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Open Redirect
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-6551 LOW POC Monitor

A vulnerability was found in java-aodeng Hope-Boot 1.0.0 and classified as problematic. This issue affects the function Login of the file /src/main/java/com/hope/controller/WebController.java. The manipulation of the argument errorMsg leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

XSS Java
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-34039 CRITICAL POC Act Now

A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet (bsh.servlet.BshServlet) without proper access controls. The servlet allows unauthenticated remote attackers to execute arbitrary Java code via the bsh.script parameter. This can be exploited to run system commands and ultimately gain full control over the target server. The issue is rooted in a third-party JAR component bundled with the application, and the servlet is accessible without authentication on vulnerable installations. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

Java Authentication Bypass
NVD
CVSS 4.0
10.0
EPSS
0.3%
CVE-2025-6534 LOW POC Monitor

A remote code execution vulnerability in xxyopen/201206030 novel-plus (CVSS 4.2). Risk factors: public PoC available.

Information Disclosure Java
NVD VulDB
CVSS 4.0
1.3
EPSS
0.1%
CVE-2025-6533 LOW POC Monitor

A vulnerability, which was classified as critical, has been found in xxyopen/201206030 novel-plus up to 5.1.3. Affected by this issue is the function ajaxLogin of the file novel-admin/src/main/java/com/java2nb/system/controller/LoginController.java of the component CATCHA Handler. The manipulation leads to authentication bypass by capture-replay. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Authentication Bypass
NVD VulDB
CVSS 4.0
2.9
EPSS
0.1%
CVE-2025-49574 Maven MEDIUM PATCH This Month

A security vulnerability in versions (CVSS 6.4). Remediation should follow standard vulnerability management procedures.

Information Disclosure Java Red Hat
NVD GitHub
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-6517 LOW POC Monitor

A vulnerability was found in Dromara MaxKey up to 4.1.7 and classified as critical. This issue affects the function Add of the file maxkey-webs\maxkey-web-mgt\src\main\java\org\dromara\maxkey\web\apps\contorller\SAML20DetailsController.java of the component Meta URL Handler. The manipulation of the argument post leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

SSRF Java
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-6509 LOW POC Monitor

A vulnerability was found in seaswalker spring-analysis up to 4379cce848af96997a9d7ef91d594aa129be8d71. It has been declared as problematic. Affected by this vulnerability is the function echo of the file /src/main/java/controller/SimpleController.java. The manipulation of the argument Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

XSS Java
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-6466 LOW POC PATCH Monitor

A vulnerability was found in ageerle ruoyi-ai 2.0.0 and classified as critical. Affected by this issue is the function speechToTextTranscriptionsV2/upload of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/service/impl/SseServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1 is able to address this issue. The patch is identified as 4e93ac86d4891c59ecfcd27c051de9b3c5379315. It is recommended to upgrade the affected component.

File Upload Java Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.2%
CVE-2025-6453 LOW POC Monitor

A vulnerability classified as critical has been found in diyhi bbs 6.8. Affected is the function Add of the file /src/main/java/cms/web/action/template/ForumManageAction.java of the component API. The manipulation of the argument dirName leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Java Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-24291 MEDIUM This Month

The Versa Director SD-WAN orchestration platform provides functionality to upload various types of files. However, the Java code handling file uploads contains an argument injection vulnerability. By appending additional arguments to the file name, an attacker can bypass MIME type validation, allowing the upload of arbitrary file types. This flaw can be exploited to place a malicious file on disk. Versa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers. There are no workarounds to disable the GUI option. Versa recommends that Director be upgraded to one of the remediated software versions.

Java RCE
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-49125 Maven HIGH PATCH This Week

CVE-2025-49125 is an authentication bypass vulnerability in Apache Tomcat affecting versions 8.5.0-8.5.100, 9.0.0-9.0.105, 10.1.0-10.1.41, and 11.0.0-11.0.7. The vulnerability allows unauthenticated remote attackers to access PreResources or PostResources mounted outside the web application root via alternate path traversal, bypassing security constraints configured for the intended resource path. With a CVSS score of 7.5 and high confidentiality impact, this represents a critical authentication mechanism failure that requires immediate patching.

Apache Tomcat Authentication Bypass Java Red Hat +1
NVD HeroDevs GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-48988 Maven HIGH PATCH This Week

A remote code execution vulnerability in Apache Tomcat (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Apache Tomcat Denial Of Service Java Red Hat +1
NVD HeroDevs GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-48976 Maven HIGH PATCH This Week

Apache Commons FileUpload contains a Denial of Service vulnerability in multipart header processing due to insufficient resource allocation limits (CWE-770). Affected versions are 1.0 through 1.5.x and 2.0.0-M1 through 2.0.0-M3. An unauthenticated remote attacker can exploit this with a network request to cause resource exhaustion and service unavailability without requiring user interaction or elevated privileges. CVSS 7.5 (High) reflects the high availability impact; KEV and EPSS data availability would determine exploitation likelihood in the wild.

Apache Denial Of Service Java Commons Fileupload Red Hat +1
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-25264 MEDIUM PATCH This Month

CVE-2025-25264 is a security vulnerability (CVSS 6.5) that allows the attacker. Remediation should follow standard vulnerability management procedures.

Java Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-6109 LOW POC Monitor

A vulnerability was found in javahongxi whatsmars 2021.4.0. It has been rated as problematic. Affected by this issue is the function initialize of the file /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java. The manipulation of the argument artifactId leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-6108 LOW POC Monitor

A vulnerability was found in hansonwang99 Spring-Boot-In-Action up to 807fd37643aa774b94fd004cc3adbd29ca17e9aa. It has been declared as critical. Affected by this vulnerability is the function watermarkTest of the file /springbt_watermark/src/main/java/cn/codesheep/springbt_watermark/service/ImageUploadService.java of the component File Upload. The manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.

File Upload Java Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-41234 Maven MEDIUM PATCH This Month

Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download (RFD) attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input. Specifically, an application is vulnerable when all the following are true: * The header is prepared with org.springframework.http.ContentDisposition. * The filename is set via ContentDisposition.Builder#filename(String, Charset). * The value for the filename is derived from user-supplied input. * The application does not sanitize the user-supplied input. * The downloaded content of the response is injected with malicious commands by the attacker (see RFD paper reference for details). An application is not vulnerable if any of the following is true: * The application does not set a “Content-Disposition” response header. * The header is not prepared with org.springframework.http.ContentDisposition. * The filename is set via one of: * ContentDisposition.Builder#filename(String), or * ContentDisposition.Builder#filename(String, ASCII) * The filename is not derived from user-supplied input. * The filename is derived from user-supplied input but sanitized by the application. * The attacker cannot inject malicious content in the downloaded content of the response. Affected Spring Products and VersionsSpring Framework: * 6.2.0 - 6.2.7 * 6.1.0 - 6.1.20 * 6.0.5 - 6.0.28 * Older, unsupported versions are not affected MitigationUsers of affected versions should upgrade to the corresponding fixed version. Affected version(s)Fix versionAvailability6.2.x6.2.8OSS6.1.x6.1.21OSS6.0.x6.0.29 Commercial https://enterprise.spring.io/ No further mitigation steps are necessary. CWE-113 in `Content-Disposition` handling in VMware Spring Framework versions 6.0.5 to 6.2.7 allows remote attackers to launch Reflected File Download (RFD) attacks via unsanitized user input in `ContentDisposition.Builder#filename(String, Charset)` with non-ASCII charsets.

Java Code Injection VMware Ubuntu Debian +2
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-49146 Maven HIGH PATCH This Week

The PostgreSQL JDBC driver (pgjdbc) versions 42.7.4 through 42.7.6 contain an authentication bypass vulnerability where channel binding validation is incorrectly disabled, allowing man-in-the-middle attackers to intercept connections that administrators configured to require channel binding protection. Affected users running pgjdbc with channel binding set to 'required' (a non-default but security-conscious configuration) are vulnerable to credential interception and session hijacking despite believing their connections are protected. The vulnerability is fixed in version 42.7.7.

PostgreSQL Authentication Bypass Java Postgresql Jdbc Driver Red Hat +1
NVD GitHub
CVSS 3.1
8.2
EPSS
0.0%
CVE-2024-29198 Maven HIGH POC PATCH This Week

GeoServer contains a Server-Side Request Forgery (SSRF) vulnerability in the Demo request endpoint (TestWfsPost servlet) that allows unauthenticated network attackers to make arbitrary HTTP requests from the server when Proxy Base URL is not configured. This high-severity vulnerability (CVSS 7.5) affects GeoServer versions prior to 2.24.4 and 2.25.2, enabling attackers to access internal resources, cloud metadata endpoints, and potentially interact with backend systems.

Java SSRF Geoserver
NVD GitHub
CVSS 3.1
7.5
EPSS
6.4%
CVE-2025-43699 MEDIUM This Month

A remote code execution vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Java Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-27819 Maven HIGH PATCH This Week

A remote code execution vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Denial Of Service Apache Java RCE Authentication Bypass +3
NVD GitHub HeroDevs
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-27818 Maven HIGH PATCH This Week

A remote code execution vulnerability in A possible security vulnerability (CVSS 8.8). High severity vulnerability requiring prompt remediation.

Deserialization Java Apache LDAP RCE +3
NVD GitHub HeroDevs
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-5887 LOW POC Monitor

A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been classified as problematic. Affected is an unknown function of the file UserMgrController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

File Upload Java XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-5879 LOW POC Monitor

A vulnerability, which was classified as problematic, was found in WuKongOpenSource WukongCRM 9.0. This affects an unknown part of the file AdminSysConfigController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

File Upload Java XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-27531 Maven CRITICAL PATCH Act Now

Critical deserialization of untrusted data vulnerability in Apache InLong versions 1.13.0 through 2.0.x that allows authenticated attackers to read arbitrary files through parameter manipulation ('double writing' the param). With a CVSS 9.8 score and network-based attack vector requiring no user interaction, this represents a high-severity information disclosure risk affecting data ingestion pipeline deployments.

Deserialization Apache Java Information Disclosure Inlong
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-5806 Maven HIGH PATCH This Week

A cross-site scripting vulnerability (CVSS 8.0). High severity vulnerability requiring prompt remediation.

XSS Jenkins Java Gatling
NVD GitHub
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-5680 MEDIUM POC This Month

A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected by this vulnerability is the function executeScript of the file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java of the component Groovy Script Handler. The manipulation of the argument script leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Deserialization Java Agilebpm
NVD VulDB
CVSS 3.1
6.3
EPSS
0.4%
CVE-2025-5679 MEDIUM POC This Month

A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of the file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation of the argument str leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Deserialization Java Agilebpm
NVD VulDB
CVSS 3.1
6.3
EPSS
0.4%
CVE-2025-20276 LOW Monitor

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.  This vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by sending a crafted Java object to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root.

Deserialization Java RCE Cisco
NVD
CVSS 3.1
3.8
EPSS
0.9%
CVE-2025-20275 MEDIUM This Month

A vulnerability in the file opening process of Cisco Unified Contact Center Express (Unified CCX) Editor could allow an unauthenticated attacker to execute arbitrary code on an affected device.  This vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by persuading an authenticated, local user to open a crafted .aef file. A successful exploit could allow the attacker to execute arbitrary code on the host that is running the editor application with the privileges of the user who launched it.

Deserialization Java RCE Cisco Unified Contact Center Express
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2025-5545 MEDIUM POC This Month

A vulnerability classified as problematic has been found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. This affects the function image of the file src/main/java/cn/gson/oasys/controller/process/ProcedureController.java. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Java Path Traversal Oa System
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-5544 MEDIUM POC This Month

A vulnerability was found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. It has been rated as problematic. Affected by this issue is the function image of the file src/main/java/cn/gson/oasys/controller/user/UserpanelController.java. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

Java Path Traversal Oa System
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-5523 LOW POC Monitor

A vulnerability classified as problematic has been found in enilu web-flash 1.0. This affects the function fileService.upload of the file src/main/java/cn/enilu/flash/api/controller/FileController/upload of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

File Upload Java XSS
NVD VulDB
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-35036 Maven HIGH PATCH This Week

A information disclosure vulnerability (CVSS 7.3) that allows an attacker. High severity vulnerability requiring prompt remediation. Vendor patch is available.

RCE Java Hibernate Validator Red Hat
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.5%
CVE-2025-46548 Maven MEDIUM POC PATCH This Month

If you enable Basic Authentication in Pekko Management using the Java DSL, the authenticator may not be properly applied. Users that rely on authentication instead of making sure the Management API ports are only available to trusted users are recommended to upgrade to version 1.1.1, which fixes this issue. Akka was affected by the same issue and has released the fix in version 1.6.1.

Java Authentication Bypass Akka Management Pekko Management
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2025-41235 Maven HIGH PATCH This Month

Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Request Smuggling Java Spring
NVD HeroDevs
CVSS 3.1
8.6
EPSS
0.4%
CVE-2025-48927 MEDIUM KEV THREAT Act Now

The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Information Disclosure Java Telemessage
NVD
CVSS 3.1
5.3
EPSS
7.6%
CVE-2025-48734 Maven HIGH PATCH This Month

Improper Access Control vulnerability in Apache Commons. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Apache Authentication Bypass Java Commons Beanutils +2
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-23393 MEDIUM PATCH This Month

A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in spacewalk-java allows execution of arbitrary Javascript code on users. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Java Suse
NVD
CVSS 4.0
5.6
EPSS
0.3%
CVE-2025-23392 MEDIUM PATCH This Month

A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in spacewalk-java allows execution of arbitrary Javascript code on target. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Java Suse
NVD
CVSS 4.0
5.6
EPSS
0.3%
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic.java. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Java
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW POC PATCH Monitor

A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as problematic. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Open Redirect Java
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A vulnerability was found in macrozheng mall up to 1.0.3 and classified as problematic.java of the component com.macro.mall.portal.controller. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Java Mall
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Java
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW Monitor

A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Open Redirect Java
NVD GitHub VulDB
EPSS 0% CVSS 1.3
LOW POC Monitor

A vulnerability was found in Antabot White-Jotter 0.22. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Deserialization Java
NVD GitHub VulDB
EPSS 0% CVSS 2.9
LOW POC PATCH Monitor

A vulnerability was found in atjiu pybbs up to 6.0.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Brute Force Java
NVD GitHub VulDB
EPSS 0% CVSS 2.9
LOW POC PATCH Monitor

A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic.java of the component Registered Email Handler. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Java Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

A vulnerability classified as critical was found in cloudfavorites favorites-web up to 1.3.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java SSRF
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was found in Exrick xboot up to 3.3.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java SSRF
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was found in Exrick xboot up to 3.3.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass File Upload Java
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A vulnerability was found in Exrick xboot up to 3.3.4. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java Information Disclosure Xboot +1
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Unrestricted file upload in OpenViglet Shio through version 0.3.8 allows authenticated remote attackers to upload arbitrary files via manipulation of the filename parameter in the ShStaticFileAPI.shStaticFileUpload function. The vulnerability requires valid authentication credentials but lacks proper input validation on uploaded filenames, enabling arbitrary file placement on the server. Publicly available exploit code exists, though EPSS score remains low at 0.11% (28th percentile), suggesting limited real-world exploitation despite public disclosure.

Java Authentication Bypass File Upload +1
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Path traversal in OpenViglet Shio up to version 0.3.8 allows authenticated remote attackers to read arbitrary files by manipulating the fileName parameter in the shStaticFilePreUpload API endpoint. The vulnerability has low practical impact (CVSS 2.1, EPSS 0.22%) despite being rated critical in severity classification, as it requires prior authentication and provides only limited confidentiality exposure. Public exploit code is available.

Java Path Traversal Shio
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

Roothub versions up to 2.6 contain a reflected cross-site scripting (XSS) vulnerability in the SystemConfigAdminController Edit function that allows authenticated users to inject malicious scripts via the web interface. The vulnerability requires user interaction (clicking a malicious link) and authenticated access, limiting its practical impact despite network-accessible delivery. Publicly available exploit code exists, though real-world exploitation risk is low given the EPSS score of 0.06% and the authentication barrier.

Java XSS Roothub
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in the SysLogController of fuyang_lipengjun platform allows authenticated remote attackers to execute arbitrary SQL queries via the key parameter, with publicly available exploit code disclosed. Despite a critical classification, the CVSS 4.0 score of 2.1 and low EPSS percentile (22%) indicate limited real-world impact due to requirement for prior authentication and low confidentiality/integrity scope; however, the public exploit and authenticated network access vector warrant monitoring.

SQLi Java Platform
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in fuyang_lipengjun platform allows authenticated remote attackers to execute arbitrary SQL queries via the beanName parameter in the queryPage function of ScheduleJobController.java. The CVSS score of 2.1 reflects limited confidentiality and integrity impact with authentication required, though publicly available exploit code exists. EPSS score of 0.07% (percentile 22%) suggests low real-world exploitation probability despite public POC availability.

SQLi Java Platform
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

RuoYi versions up to 4.8.1 allow authenticated users to upload files without restriction via the CommonController.uploadFile function, enabling arbitrary file upload. The vulnerability requires valid credentials (PR:L per CVSS vector) but permits remote exploitation with low complexity. Public exploit code exists; however, EPSS score of 0.05% (15th percentile) suggests minimal real-world exploitation despite public disclosure, indicating the threat is constrained by authentication requirements or other practical barriers.

Java Authentication Bypass File Upload +1
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in TDuckCloud tduck-platform 5.1 allows authenticated remote attackers to manipulate the formKey parameter in the UserFormDataMapper function, enabling unauthorized database queries with limited confidentiality and integrity impact. Publicly available exploit code exists, and the vendor has not responded to early disclosure notification.

SQLi Java Tduck Platform
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW POC PATCH Monitor

Stored cross-site scripting (XSS) in JeeSite's xssFilter function allows authenticated users to inject malicious scripts via the text parameter in EncodeUtils.java, affecting versions up to 5.12.0. The vulnerability requires user interaction to trigger payload execution and has publicly available exploit code. With EPSS score of 0.07% and CVSS 2.0, exploitation likelihood is low despite public disclosure, but remediation is straightforward via vendor patch.

Java XSS Jeesite
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Unrestricted file upload in JeeSite up to version 5.12.0 allows authenticated remote attackers to upload arbitrary files via the FileUploadController, potentially leading to remote code execution or data exfiltration. The vulnerability has a publicly disclosed proof-of-concept and is classified as critical despite a low CVSS 4.0 score of 2.1, indicating that the CVSS vector (requiring authenticated access and limited scope of impact) does not fully reflect the practical severity of unrestricted file upload capabilities in a web application context.

Java Authentication Bypass File Upload +1
NVD GitHub VulDB
EPSS 0% CVSS 2.9
LOW POC PATCH Monitor

Token generation in Xuxueli xxl-job up to version 3.1.1 uses password hashing with insufficient computational effort (weak bcrypt configuration or equivalent), allowing attackers to crack authentication tokens through brute force. The vulnerability affects the makeToken function in IndexController.java and has low practical impact (confidentiality impact only, no integrity or availability damage), but exploitation requires high attack complexity and is not known to be actively exploited at scale despite public disclosure of the vulnerability.

Information Disclosure Java Xxl Job
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Open redirect in JeeSite's SSO controller allows remote attackers to redirect users to arbitrary external URLs by manipulating the redirect parameter, exploiting user trust to facilitate phishing or credential theft attacks. Affects JeeSite up to version 5.12.0. Publicly available exploit code exists and requires user interaction (clicking a malicious link), but no active exploitation in the wild has been confirmed. CVSS score is low (2.1) due to UI requirement and limited impact, though EPSS (0.11%) indicates minimal real-world exploitation probability.

Java Open Redirect Jeesite
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Open redirect vulnerability in JeeSite up to version 5.12.0 allows unauthenticated remote attackers to redirect users to arbitrary external websites via a crafted redirect parameter in the Site Controller select function. The vulnerability requires user interaction (clicking a malicious link) but carries low integrity impact through browser-based redirection. Publicly available exploit code exists, and a patch is available from the vendor; however, the EPSS score of 0.11% indicates low real-world exploitation probability despite public disclosure.

Java Open Redirect Jeesite
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Server-side request forgery (SSRF) in thinkgem JeeSite up to version 5.12.0 allows authenticated remote attackers to manipulate the Source argument in the UEditor Image Grabber component (ActionEnter.java), enabling arbitrary HTTP requests from the vulnerable server with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, and a patch has been released by the vendor.

Java SSRF Jeesite
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

CVE-2025-53639 is a critical SQL injection vulnerability in MeterSphere's API sorting functionality where the sortField parameter lacks proper input validation and sanitization. All versions prior to 3.6.5-lts are affected, allowing unauthenticated remote attackers to execute arbitrary SQL statements and completely compromise database integrity, availability, and confidentiality. This is a network-exploitable vulnerability with no authentication required and high real-world risk.

SQLi Java Metersphere
NVD GitHub
EPSS 0% CVSS 8.0
HIGH PATCH This Week

CVE-2024-51768 is a remote code execution vulnerability in HPE AutoPass License Server (APLS) versions prior to 9.17, stemming from unsafe deserialization in the embedded HSQLDB database library. An authenticated attacker with local network access can execute arbitrary code with the privileges of the APLS service, potentially leading to complete system compromise. The vulnerability has a CVSS score of 8.0 and represents a significant risk to organizations using affected APLS versions, particularly given the authentication requirement is modest (PR:L) and the attack complexity is low.

RCE HP Java +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Apache Jackrabbit versions prior to 2.23.2 contain blind XXE (XML External Entity) vulnerabilities in jackrabbit-spi-commons and jackrabbit-core components due to unsafe XML document parsing when loading privilege definitions. An authenticated attacker with low privileges can exploit this to achieve high-impact confidentiality, integrity, and availability compromise. The vulnerability requires user authentication (PR:L) but has no interaction requirement and affects all systems regardless of scope.

XXE Apache Java +3
NVD GitHub
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability has been found in jshERP up to 3.5 and classified as critical. This vulnerability affects the function exportExcelByParam of the file /src/main/java/com/jsh/erp/controller/SystemConfigController.java. The manipulation of the argument Title leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 6.3
MEDIUM This Month

A remote code execution vulnerability in Dromara Northstar (CVSS 6.3). Remediation should follow standard vulnerability management procedures.

Information Disclosure Java
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A remote code execution vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Apache Tomcat Denial Of Service +3
NVD HeroDevs GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

CVE-2025-52520 is an integer overflow vulnerability in Apache Tomcat's multipart upload handling that allows unauthenticated remote attackers to bypass size limits and trigger denial of service. The vulnerability affects Tomcat versions 11.0.0-M1 through 11.0.8, 10.1.0-M1 through 10.1.42, 9.0.0.M1 through 9.0.106, and EOL version 8.5.0 through 8.5.100, requiring only network access with no authentication. With a CVSS score of 7.5 (High severity) and an attack vector rated as Network/Low complexity, this represents a significant availability risk for unpatched deployments.

Apache Tomcat Integer Overflow +4
NVD HeroDevs GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Apache Tomcat contains a race condition vulnerability in the APR/Native connector that can be triggered during concurrent HTTP/2 connection handling, particularly when clients initiate connection closes. The vulnerability affects Tomcat 9.0.0.M1 through 9.0.106 (and EOL versions 8.5.0-8.5.100), allowing remote unauthenticated attackers to cause denial of service through improper synchronization of shared resources. With a CVSS score of 7.5 and network-accessible attack vector requiring no authentication, this represents a high-severity availability impact, though no active public exploitation has been confirmed.

Apache Race Condition Tomcat +4
NVD HeroDevs GitHub
EPSS 0% CVSS 3.5
LOW Monitor

CVE-2025-42978 is a security vulnerability (CVSS 3.5). Remediation should follow standard vulnerability management procedures.

SAP Information Disclosure Java
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an insecure Java deserialization vulnerability by sending a specially crafted serialized Java object. This could lead to high impact on confidentiality, integrity, and availability of the application.

Deserialization SAP Java
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can lead to full operating system compromise, granting attackers complete control over the affected system. This results in a severe impact on the confidentiality, integrity, and availability of the application and host environment.

Deserialization SAP Java
NVD
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability classified as critical was found in risesoft-y9 Digital-Infrastructure up to 9.6.7. Affected by this vulnerability is the function deleteFile of the file /Digital-Infrastructure-9.6.7/y9-digitalbase-webapp/y9-module-filemanager/risenet-y9boot-webapp-filemanager/src/main/java/net/risesoft/y9public/controller/Y9FileController.java. The manipulation of the argument fullPath leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

A security vulnerability in Zipkin through 3.5.1 (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Information Disclosure Java
NVD GitHub
EPSS 3% CVSS 10.0
CRITICAL Act Now

An unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an attacker to trigger Fastjson's auto-type feature to load arbitrary Java classes. By referencing a malicious class via an LDAP URL, an attacker can achieve remote code execution on the underlying system. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

Deserialization RCE Java +1
NVD GitHub
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

A security vulnerability in JUnit (CVSS 5.8). Remediation should follow standard vulnerability management procedures.

Information Disclosure Java Ubuntu +3
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC This Month

A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Path Traversal Ruoyi Vue Plus
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes.

Java Command Injection
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue affects the interface Encoder.encodeForSQL of the SQL Injection Defense. An attack leads to an improper neutralization of special elements. The attack may be initiated remotely and an exploit has been disclosed to the public. The project was contacted early about this issue and handled it with an exceptional level of professionalism. Upgrading to version 2.7.0.0 is able to address this issue. Commit ID f75ac2c2647a81d2cfbdc9c899f8719c240ed512 is disabling the feature by default and any attempt to use it will trigger a warning. And commit ID e2322914304d9b1c52523ff24be495b7832f6a56 is updating the misleading Java class documentation to warn about the risks.

Java SQLi
NVD GitHub VulDB
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

In Akka through 2.10.6, akka-cluster-metrics uses Java serialization for cluster metrics.

Deserialization Java
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, a threat actor may take advantage of a feature in Java in which the character "ı" becomes "I" when converted to uppercase, and the character "ſ" becomes "S" when converted to uppercase. A threat actor who uses a carefully crafted message that exploits this character conversion can cause remote code execution. The vulnerability has been fixed in v2.10.11. No known workarounds are available.

RCE Java Dataease
NVD GitHub
EPSS 0% CVSS 9.0
CRITICAL Act Now

IBM WebSphere Application Server (WAS) versions 8.5 and 9.0 are vulnerable to remote code execution through deserialization of untrusted serialized objects, allowing unauthenticated network attackers to execute arbitrary code with high confidence despite moderate attack complexity. This is a critical Java deserialization vulnerability (CWE-502) affecting enterprise application servers in widespread use; exploitation status and EPSS probability are not yet public but the CVSS 9.0 score and network-accessible attack vector indicate this is a priority concern for organizations running affected WAS versions.

Deserialization RCE IBM +2
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Allure 2 versions prior to 2.34.1 contain a critical XML External Entity (XXE) injection vulnerability in the xunit-xml-plugin that allows unauthenticated remote attackers to read arbitrary files from the server's filesystem and potentially trigger SSRF attacks. The vulnerability stems from insecure XML parser configuration in the DocumentBuilderFactory and is exploitable by uploading or providing malicious test result XML files without any authentication or user interaction required.

XXE SSRF Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 9.3
CRITICAL PATCH Act Now

CVE-2025-2566 is an unsafe Java deserialization vulnerability in Kaleris NAVIS N4 ULC that allows unauthenticated attackers to execute arbitrary code on affected servers through specially crafted requests. The vulnerability affects Kaleris NAVIS N4 Ultra Light Client installations and presents critical risk due to its network-accessible attack vector, lack of authentication requirements, and remote code execution impact. Given the CVSS 9.3 score and unauthenticated attack surface, this should be treated as a priority vulnerability for organizations running affected versions.

Deserialization RCE Java
NVD
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was found in java-aodeng Hope-Boot 1.0.0. It has been classified as problematic. Affected is the function doLogin of the file /src/main/java/com/hope/controller/WebController.java of the component Login. The manipulation of the argument redirect_url leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Open Redirect
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability was found in java-aodeng Hope-Boot 1.0.0 and classified as problematic. This issue affects the function Login of the file /src/main/java/com/hope/controller/WebController.java. The manipulation of the argument errorMsg leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

XSS Java
NVD GitHub VulDB
EPSS 0% CVSS 10.0
CRITICAL POC Act Now

A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet (bsh.servlet.BshServlet) without proper access controls. The servlet allows unauthenticated remote attackers to execute arbitrary Java code via the bsh.script parameter. This can be exploited to run system commands and ultimately gain full control over the target server. The issue is rooted in a third-party JAR component bundled with the application, and the servlet is accessible without authentication on vulnerable installations. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

Java Authentication Bypass
NVD
EPSS 0% CVSS 1.3
LOW POC Monitor

A remote code execution vulnerability in xxyopen/201206030 novel-plus (CVSS 4.2). Risk factors: public PoC available.

Information Disclosure Java
NVD VulDB
EPSS 0% CVSS 2.9
LOW POC Monitor

A vulnerability, which was classified as critical, has been found in xxyopen/201206030 novel-plus up to 5.1.3. Affected by this issue is the function ajaxLogin of the file novel-admin/src/main/java/com/java2nb/system/controller/LoginController.java of the component CATCHA Handler. The manipulation leads to authentication bypass by capture-replay. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Authentication Bypass
NVD VulDB
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

A security vulnerability in versions (CVSS 6.4). Remediation should follow standard vulnerability management procedures.

Information Disclosure Java Red Hat
NVD GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was found in Dromara MaxKey up to 4.1.7 and classified as critical. This issue affects the function Add of the file maxkey-webs\maxkey-web-mgt\src\main\java\org\dromara\maxkey\web\apps\contorller\SAML20DetailsController.java of the component Meta URL Handler. The manipulation of the argument post leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

SSRF Java
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability was found in seaswalker spring-analysis up to 4379cce848af96997a9d7ef91d594aa129be8d71. It has been declared as problematic. Affected by this vulnerability is the function echo of the file /src/main/java/controller/SimpleController.java. The manipulation of the argument Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

XSS Java
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

A vulnerability was found in ageerle ruoyi-ai 2.0.0 and classified as critical. Affected by this issue is the function speechToTextTranscriptionsV2/upload of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/service/impl/SseServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1 is able to address this issue. The patch is identified as 4e93ac86d4891c59ecfcd27c051de9b3c5379315. It is recommended to upgrade the affected component.

File Upload Java Authentication Bypass
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability classified as critical has been found in diyhi bbs 6.8. Affected is the function Add of the file /src/main/java/cms/web/action/template/ForumManageAction.java of the component API. The manipulation of the argument dirName leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Java Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM This Month

The Versa Director SD-WAN orchestration platform provides functionality to upload various types of files. However, the Java code handling file uploads contains an argument injection vulnerability. By appending additional arguments to the file name, an attacker can bypass MIME type validation, allowing the upload of arbitrary file types. This flaw can be exploited to place a malicious file on disk. Versa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers. There are no workarounds to disable the GUI option. Versa recommends that Director be upgraded to one of the remediated software versions.

Java RCE
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

CVE-2025-49125 is an authentication bypass vulnerability in Apache Tomcat affecting versions 8.5.0-8.5.100, 9.0.0-9.0.105, 10.1.0-10.1.41, and 11.0.0-11.0.7. The vulnerability allows unauthenticated remote attackers to access PreResources or PostResources mounted outside the web application root via alternate path traversal, bypassing security constraints configured for the intended resource path. With a CVSS score of 7.5 and high confidentiality impact, this represents a critical authentication mechanism failure that requires immediate patching.

Apache Tomcat Authentication Bypass +3
NVD HeroDevs GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A remote code execution vulnerability in Apache Tomcat (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Apache Tomcat Denial Of Service +3
NVD HeroDevs GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Apache Commons FileUpload contains a Denial of Service vulnerability in multipart header processing due to insufficient resource allocation limits (CWE-770). Affected versions are 1.0 through 1.5.x and 2.0.0-M1 through 2.0.0-M3. An unauthenticated remote attacker can exploit this with a network request to cause resource exhaustion and service unavailability without requiring user interaction or elevated privileges. CVSS 7.5 (High) reflects the high availability impact; KEV and EPSS data availability would determine exploitation likelihood in the wild.

Apache Denial Of Service Java +3
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

CVE-2025-25264 is a security vulnerability (CVSS 6.5) that allows the attacker. Remediation should follow standard vulnerability management procedures.

Java Information Disclosure
NVD
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was found in javahongxi whatsmars 2021.4.0. It has been rated as problematic. Affected by this issue is the function initialize of the file /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java. The manipulation of the argument artifactId leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was found in hansonwang99 Spring-Boot-In-Action up to 807fd37643aa774b94fd004cc3adbd29ca17e9aa. It has been declared as critical. Affected by this vulnerability is the function watermarkTest of the file /springbt_watermark/src/main/java/cn/codesheep/springbt_watermark/service/ImageUploadService.java of the component File Upload. The manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.

File Upload Java Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download (RFD) attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input. Specifically, an application is vulnerable when all the following are true: * The header is prepared with org.springframework.http.ContentDisposition. * The filename is set via ContentDisposition.Builder#filename(String, Charset). * The value for the filename is derived from user-supplied input. * The application does not sanitize the user-supplied input. * The downloaded content of the response is injected with malicious commands by the attacker (see RFD paper reference for details). An application is not vulnerable if any of the following is true: * The application does not set a “Content-Disposition” response header. * The header is not prepared with org.springframework.http.ContentDisposition. * The filename is set via one of: * ContentDisposition.Builder#filename(String), or * ContentDisposition.Builder#filename(String, ASCII) * The filename is not derived from user-supplied input. * The filename is derived from user-supplied input but sanitized by the application. * The attacker cannot inject malicious content in the downloaded content of the response. Affected Spring Products and VersionsSpring Framework: * 6.2.0 - 6.2.7 * 6.1.0 - 6.1.20 * 6.0.5 - 6.0.28 * Older, unsupported versions are not affected MitigationUsers of affected versions should upgrade to the corresponding fixed version. Affected version(s)Fix versionAvailability6.2.x6.2.8OSS6.1.x6.1.21OSS6.0.x6.0.29 Commercial https://enterprise.spring.io/ No further mitigation steps are necessary. CWE-113 in `Content-Disposition` handling in VMware Spring Framework versions 6.0.5 to 6.2.7 allows remote attackers to launch Reflected File Download (RFD) attacks via unsanitized user input in `ContentDisposition.Builder#filename(String, Charset)` with non-ASCII charsets.

Java Code Injection VMware +4
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

The PostgreSQL JDBC driver (pgjdbc) versions 42.7.4 through 42.7.6 contain an authentication bypass vulnerability where channel binding validation is incorrectly disabled, allowing man-in-the-middle attackers to intercept connections that administrators configured to require channel binding protection. Affected users running pgjdbc with channel binding set to 'required' (a non-default but security-conscious configuration) are vulnerable to credential interception and session hijacking despite believing their connections are protected. The vulnerability is fixed in version 42.7.7.

PostgreSQL Authentication Bypass Java +3
NVD GitHub
EPSS 6% CVSS 7.5
HIGH POC PATCH This Week

GeoServer contains a Server-Side Request Forgery (SSRF) vulnerability in the Demo request endpoint (TestWfsPost servlet) that allows unauthenticated network attackers to make arbitrary HTTP requests from the server when Proxy Base URL is not configured. This high-severity vulnerability (CVSS 7.5) affects GeoServer versions prior to 2.24.4 and 2.25.2, enabling attackers to access internal resources, cloud metadata endpoints, and potentially interact with backend systems.

Java SSRF Geoserver
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

A remote code execution vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Java Authentication Bypass
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A remote code execution vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Denial Of Service Apache Java +5
NVD GitHub HeroDevs
EPSS 0% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability in A possible security vulnerability (CVSS 8.8). High severity vulnerability requiring prompt remediation.

Deserialization Java Apache +5
NVD GitHub HeroDevs
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been classified as problematic. Affected is an unknown function of the file UserMgrController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

File Upload Java XSS
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability, which was classified as problematic, was found in WuKongOpenSource WukongCRM 9.0. This affects an unknown part of the file AdminSysConfigController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

File Upload Java XSS
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Critical deserialization of untrusted data vulnerability in Apache InLong versions 1.13.0 through 2.0.x that allows authenticated attackers to read arbitrary files through parameter manipulation ('double writing' the param). With a CVSS 9.8 score and network-based attack vector requiring no user interaction, this represents a high-severity information disclosure risk affecting data ingestion pipeline deployments.

Deserialization Apache Java +2
NVD GitHub
EPSS 0% CVSS 8.0
HIGH PATCH This Week

A cross-site scripting vulnerability (CVSS 8.0). High severity vulnerability requiring prompt remediation.

XSS Jenkins Java +1
NVD GitHub
EPSS 0% CVSS 6.3
MEDIUM POC This Month

A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected by this vulnerability is the function executeScript of the file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java of the component Groovy Script Handler. The manipulation of the argument script leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Deserialization Java Agilebpm
NVD VulDB
EPSS 0% CVSS 6.3
MEDIUM POC This Month

A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of the file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation of the argument str leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Deserialization Java Agilebpm
NVD VulDB
EPSS 1% CVSS 3.8
LOW Monitor

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.  This vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by sending a crafted Java object to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root.

Deserialization Java RCE +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the file opening process of Cisco Unified Contact Center Express (Unified CCX) Editor could allow an unauthenticated attacker to execute arbitrary code on an affected device.  This vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by persuading an authenticated, local user to open a crafted .aef file. A successful exploit could allow the attacker to execute arbitrary code on the host that is running the editor application with the privileges of the user who launched it.

Deserialization Java RCE +2
NVD
EPSS 0% CVSS 4.3
MEDIUM POC This Month

A vulnerability classified as problematic has been found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. This affects the function image of the file src/main/java/cn/gson/oasys/controller/process/ProcedureController.java. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Java Path Traversal Oa System
NVD GitHub VulDB
EPSS 0% CVSS 4.3
MEDIUM POC This Month

A vulnerability was found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. It has been rated as problematic. Affected by this issue is the function image of the file src/main/java/cn/gson/oasys/controller/user/UserpanelController.java. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

Java Path Traversal Oa System
NVD GitHub VulDB
EPSS 0% CVSS 3.5
LOW POC Monitor

A vulnerability classified as problematic has been found in enilu web-flash 1.0. This affects the function fileService.upload of the file src/main/java/cn/enilu/flash/api/controller/FileController/upload of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

File Upload Java XSS
NVD VulDB
EPSS 1% CVSS 7.3
HIGH PATCH This Week

A information disclosure vulnerability (CVSS 7.3) that allows an attacker. High severity vulnerability requiring prompt remediation. Vendor patch is available.

RCE Java Hibernate Validator +1
NVD GitHub VulDB
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

If you enable Basic Authentication in Pekko Management using the Java DSL, the authenticator may not be properly applied. Users that rely on authentication instead of making sure the Management API ports are only available to trusted users are recommended to upgrade to version 1.1.1, which fixes this issue. Akka was affected by the same issue and has released the fix in version 1.6.1.

Java Authentication Bypass Akka Management +1
NVD GitHub
EPSS 0% CVSS 8.6
HIGH PATCH This Month

Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Request Smuggling Java +1
NVD HeroDevs
EPSS 8% CVSS 5.3
MEDIUM KEV THREAT Act Now

The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Information Disclosure Java Telemessage
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Month

Improper Access Control vulnerability in Apache Commons. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Apache Authentication Bypass +4
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in spacewalk-java allows execution of arbitrary Javascript code on users. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Java Suse
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in spacewalk-java allows execution of arbitrary Javascript code on target. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Java Suse
NVD
Prev Page 9 of 37 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy