EUVD-2018-0477
Malware in sbrugna...
EUVD-2018-0524
Malware in sbrugna...
EUVD-2018-0705
Malware in sbrugna...
EUVD-2018-11863
Malware in sbrugna...
EUVD-2022-5362
Malicious code in bioql PyPI...
EUVD-2022-4787
Malicious code in bioql PyPI...
EUVD-2022-5849
Malicious code in bioql PyPI...
EUVD-2022-5412
Malicious code in bioql PyPI...
EUVD-2022-4886
Malicious code in bioql PyPI...
EUVD-2022-5175
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-8039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding proper...
Linux Distros Unpatched Vulnerability : CVE-2017-4971
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding proper...
RHEL 7 : jasperreports-server-pro (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)...
Security Bulletin: IBM Sterling Control Center vulnerable to denial of service due to Spring Boot and remote code execution due to Spring Framework
Summary IBM Sterling Control Center containerized image uses VMware Tanzu Spring Boot and Pivotal Spring Framework. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID: CVE-2023-20883 DESCRIPTION: VMware Tanzu Spring Boot is vulnerable to a denial...
Deserialization of untrusted data
Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal, a related issue to CVE-2016-1000027. Also, within the specific context of Thorn SFTP gateway, this leads to remote code execution...
PT-2023-30342 · Pivotal · Spring Framework
Name of the Vulnerable Software and Affected Versions: Thorn SFTP gateway versions 3.4.x through 3.4.3 Description: The issue arises from the use of Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal. This leads to remote code execution within t...
CVE-2023-47174
Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal, a related issue to CVE-2016-1000027. Also, within the specific context of Thorn SFTP gateway, this leads to remote code execution...
Security Bulletin: Vulnerabilities in amqp-client affect IBM Storage Protect Client, IBM Storage Protect for Virtual Environments, and IBM Storage Protect for Space Management (CVE-2018-11087)
Summary IBM Storage Protect Backup-Archive Client Linux x86_64 only, IBM Storage Protect for Virtual Environments Data Protection for VMware on Windows and Linux x86_64, and IBM Storage Protect for Space Management Linux x86_64 only can be affected by a vulnerability in Pivotal Spring-AMQP and...
Security Bulletin: IBM Security Directory Integrator is affected by multiple security vulnerabilities
Summary IBM Security Directory Integrator has addressed several security issues in open source packages. Please apply the fix as detailed below. Vulnerability Details CVEID: CVE-2018-1270 DESCRIPTION: Pivotal Spring Framework could allow a remote attacker to execute arbitrary code on the system,...