VDB
GCVE-110-NCSC-2025-334
GCVE-110-NCSC-2025-334
Advisory PublishedCVSS 7.5/10
Multiple vulnerabilities have been identified across various software products, including JUnit4, Oracle WebLogic Server, and TensorFlow, allowing unauthorized access and information disclosure, with several updates addressing these issues.
Weaknesses (CWE)
CWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-122Heap-based Buffer OverflowCWE-354Improper Validation of Integrity Check ValueCWE-787Out-of-bounds WriteCWE-770Allocation of Resources Without Limits or ThrottlingCWE-789Memory Allocation with Excessive Size ValueCWE-918Server-Side Request Forgery (SSRF)CWE-284Improper Access ControlCWE-400Uncontrolled Resource ConsumptionCWE-674Uncontrolled RecursionCWE-306Missing Authentication for Critical Function
Risk Scores
CVSS 3.1
7.5/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Oracle | vers:unknown/* | — | — |
Browse GCVE Records
72,096 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.