130 matches found
EUVD-2021-20194
Malware in sbrugna...
EUVD-2013-5021
Malware in sbrugna...
EUVD-2018-8961
Malware in sbrugna...
This Week in Spring - April 15th, 2025
Spring AI M7 is here! This new release includes a bunch of awesome new features! And some refactorings. Notably that the Spring AI auto-configuration has changed from a single monolithic artifact to individual auto-configuration artifacts per model, vector store, and other components. This change...
This Week in Spring - April 8th, 2025
Hi, Spring fans! How are ya? I'm doing fine. Excited, even. You see, Spring AI M7 is coming soon! In theory, it drops on Thursday. Don't hold us to that — these things can change :- But soon , and it's turning out to be a whopper of a release! You should try upgrading your application to the new ...
CVE-2024-52508
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like [email protected] that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would ...
Bootiful Spring Boot 3.4: Spring Boot
And now we’re back where we started: Spring Boot 3.4! This release is what pulls everything together. When you look at Spring Boot, remember that it normalizes the integration of all the projects it assembles and tries, wherever possible, to smooth out whatever integration issues might arise from...
CVE-2024-52508
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like [email protected] that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would ...
CVE-2024-52508 Nextcloud Mail auto configurator can be tricked into sending account information to wrong servers
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like [email protected] that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would ...
CVE-2024-52508
CVE-2024-52508 affects Nextcloud Mail. The auto configuration flow can cause email account details to be sent to an attacker-controlled autoconfig.tld when a user’s domain cannot auto-configure. Affected Nextcloud Mail versions include pre-1.14.6, pre-1.15.4, pre-2.2.11, pre-3.6.3, pre-3.7.7, and...
PT-2024-9168 · Nextcloud +1 · Nextcloud Mail +1
Name of the Vulnerable Software and Affected Versions: Nextcloud Mail versions prior to 1.14.6 Nextcloud Mail versions prior to 1.15.4 Nextcloud Mail versions prior to 2.2.11 Nextcloud Mail versions prior to 3.6.3 Nextcloud Mail versions prior to 3.7.7 Nextcloud Mail versions prior to 4.0.0...
The vulnerability of the Windows WLAN operating system’s automatic configuration service allows attackers to increase their privileges.
The vulnerability of the Windows WLAN operating system’s automatic configuration service is related to the lack of authentication for critical functions. Exploiting this vulnerability can allow attackers to increase their privileges...
PT-2024-25535 · Axiros · Axess Auto Configuration Server
Name of the Vulnerable Software and Affected Versions: Axiros AXESS Auto Configuration Server ACS versions 4.x through 5.0.0 Description: The issue is related to Incorrect Access Control, allowing an authorization bypass that enables remote attackers to achieve unauthenticated remote code...
spring-boot: Spring Boot Welcome Page DoS Vulnerability
A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed...
spring-boot: Spring Boot Welcome Page DoS Vulnerability
A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed...
Improved Testcontainers Support in Spring Boot 3.1
There's been support for Testcontainers in Spring Boot for some time now, and Spring Boot 3.1 improves it further. But first, let's take a look at what Testcontainers is and how it's usually used. Testcontainers is an open source framework for providing throwaway, lightweight instances of...
spring-boot: Spring Boot Welcome Page DoS Vulnerability
A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed...
Denial Of Service (DoS)
spring-boot-autoconfigure is vulnerable to Denial Of Service DoS. The vulnerability is applicable when the application has Spring MVC auto-configuration enabled and uses the Spring Boot welcome page, which can be either static or templated, and the application is deployed behind a proxy which...
SUSE CVE-2009-3372
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration PAC file...
Microsoft Windows WLAN AutoConfig Service 资源管理错误漏洞
Microsoft Windows WLAN AutoConfig Service is a wireless network card configuration service for Microsoft Windows Vista and above. Denial of Service vulnerability. The vulnerability stems from a failure to properly handle incoming error messages, and can be exploited to cause a denial of service o...