EUVD-2026-24610

Vulnerability in Spring Spring Security. When an application configures JWT decoding with NimbusJwtDecoder or NimbusReactiveJwtDecoder, it must configure an OAuth2TokenValidator separately, for example by calling setJwtValidator.This issue affects Spring Security: from 6.3.0 through 6.3.14, from...

SUSE CVE-2010-2777

Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent GWIA in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command...

CVE-2021-25649

An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged user...

PT-2021-16728 · Avaya · Avaya Aura Utility Services

Name of the Vulnerable Software and Affected Versions: Avaya Aura Utility Services versions 7.x Description: A privilege escalation issue was discovered in Avaya Aura Utility Services, potentially allowing a local user to execute specially crafted scripts as a privileged user. Recommendations: Fo...

Drupal OpenID Module Session Hijacking Vulnerability

Drupal is an open source content management framework CMF written in the PHP language, which consists of a content management system CMS and PHP development framework Framework together. A session hijacking vulnerability exists in the OpenID module in Drupal versions 6.x before 6.36 and 7.x befor...