| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-14340 | Admin Account Takeover via malicious URL payload | Payara Platform | Payara Server | - | - | 2026-02-18 13:39:11 | Deep Dive |
| CVE-2025-1534 | Cross-site Scripting (Stored) | Payara Platform | Payara Server | - | - | 2025-04-01 03:25:30 | Deep Dive |
| CVE-2024-45687 | HTTP Server incorrectly accepting disallowed characters within header values | Payara Platform | Payara Server | 低危 | - | 2025-01-21 16:35:44 | Deep Dive |
| CVE-2024-8215 | Payload Injection Attack via Management REST interface | Payara Platform | Payara Server | - | - | 2024-10-08 15:17:10 | Deep Dive |
| CVE-2024-8097 | Sensitive information exposure when the org.glassfish.admingui LOGGER is set to FINEST level | Payara Platform | Payara Server | - | - | 2024-09-11 16:32:10 | Deep Dive |
| CVE-2024-7312 | REST Interface Link Redirection via Host parameter | Payara Platform | Payara Server | - | - | 2024-09-11 15:28:43 | Deep Dive |
| CVE-2023-41699 | Payara Platform: URL Redirection to untrusted site using FORM authentication | Payara Platform | Payara Server, Micro and Embedded | Medium | 6.1 | 2023-11-15 19:54:24 | Deep Dive |