From DHS/US-CERT's National Vulnerability Database
The PowerVM Logical Partition Mobility(LPM) (PowerVM Hypervisor FW920, FW930, FW940, and FW950) encryption key exchange protocol can be compromised. If an attacker has the ability to capture encrypted LPM network traffic and is able to gain service access to the FSP they can use this information to...
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version 4.14.0 before 4.17.0 e...
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate transport for accessing UDDI services.
RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malic...
This affects all versions of package curly-bracket-parser.
When used as a template library, it does not properly sanitize the user input.
All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function.