CVE-2023-34453 - snappy-java Integer Overflow in BitShuffle Function Leads to Fatal Errors
Overview:
snappy-java is a popular Java library known for its high-speed compression and decompression. A serious flaw existed before version 1.1.10.1, tracked
CVE-2023-34454 - Fatal Flaw in snappy-java’s Compression—How Integer Overflow Can Crash Your Java Application
snappy-java is a widely used, high-speed Java library for compression and decompression, especially valued in big data circles for its blazing fast performance. But in
CVE-2023-35116 - Understanding the Jackson-Databind Cyclic Dependency “Vulnerability” with Examples and Exploit Details
Published: June 2023
Affected Component: jackson-databind (up to 2.15.2)
Impact: Denial of Service (DoS), Unspecified issue via cyclic dependencies
Status: Debated (vendor disagrees
CVE-2023-34747 - How a Simple File Upload Flaw in ujcms 6..2 Lets Attackers Run Arbitrary Code
Content management systems (CMS) make website building easy, but their complex features can introduce serious security problems. One recent case is in ujcms, a popular
CVE-2023-2801 - How Mixed Queries Can Crash Your Grafana—Full Explanation and Exploit Walkthrough
Grafana is a popular open-source platform for monitoring and observability. Organizations use it to visualize, analyze, and alert on data from various sources like databases,