📦 Process Automation

This vulnerability in Undertow allows malicious clients to send malformed requests that trigger server-side stream resets without incrementing abuse counters. This 'MadeYouReset' attack enables denial...

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...

CVE-2023-1108 is a denial-of-service vulnerability in Undertow's SSL/TLS implementation where an infinite loop in the handshake process can crash the server. This affects any system running vulnerable...

CVE-2022-1415 is a deserialization vulnerability in Drools core utility classes that allows authenticated attackers to execute arbitrary code on affected servers by sending malicious serialized object...

CVE-2019-14839 is an information disclosure vulnerability in Business-central console where HTTP requests expose login credentials during authentication. This affects organizations using vulnerable ve...

CVE-2022-0853 is a memory leak vulnerability in JBoss client applications that repeatedly use UserTransaction. This allows attackers to cause information leakage by exhausting memory resources. Organi...

CVE-2021-4104 is a deserialization vulnerability in Log4j 1.2's JMSAppender that allows remote code execution when attackers can modify Log4j configuration files. This affects systems running Log4j 1....

This vulnerability in fabric8 kubernetes-client allows malicious pods/containers to exploit the copy command to extract files outside the intended working directory path. Applications using the vulner...