Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.10 views

PT-2026-28325

Name of the Vulnerable Software and Affected Versions Spring AI versions 1.0.0 through 1.0.4 Spring AI versions 1.1.0 through 1.1.3 Description Spring AI’s spring-ai-bedrock-converse component has a Server-Side Request Forgery SSRF issue within the BedrockProxyChatModel. This occurs when handling...

8.6CVSS5.9AI score0.00353EPSS
Exploits0References11
NVD
NVD
added 2025/11/07 6:15 p.m.10 views

CVE-2025-12829

An uninitialized stack read issue exists in Amazon Ion-C versions v1.1.4 that may allow a threat actor to craft data and serialize it to Ion text in such a way that sensitive data in memory could be exposed through UTF-8 escape sequences. To mitigate this issue, users should upgrade to version...

6.9CVSS0.00147EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/07 6:4 p.m.3 views

CVE-2025-12829

An uninitialized stack read issue exists in Amazon Ion-C versions v1.1.4 that may allow a threat actor to craft data and serialize it to Ion text in such a way that sensitive data in memory could be exposed through UTF-8 escape sequences. To mitigate this issue, users should upgrade to version...

6.9CVSS6.3AI score0.00147EPSS
Exploits0References3
OSV
OSV
added 2025/11/07 6:4 p.m.7 views

CVE-2025-12829

An uninitialized stack read issue exists in Amazon Ion-C versions v1.1.4 that may allow a threat actor to craft data and serialize it to Ion text in such a way that sensitive data in memory could be exposed through UTF-8 escape sequences. To mitigate this issue, users should upgrade to version...

6.9CVSS6.7AI score0.00147EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/11/07 6:4 p.m.9 views

CVE-2025-12829

An uninitialized stack read issue exists in Amazon Ion-C versions v1.1.4 that may allow a threat actor to craft data and serialize it to Ion text in such a way that sensitive data in memory could be exposed through UTF-8 escape sequences. To mitigate this issue, users should upgrade to version...

6.9CVSS0.00147EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/04 12:0 a.m.3 views

PT-2024-10087 · Drupal · Drupal Entity Form Steps

Name of the Vulnerable Software and Affected Versions: Drupal Entity Form Steps versions 0.0.0 through 1.1.3 Description: The issue is related to improper neutralization of input during web page generation, allowing for Cross-Site Scripting XSS attacks. This can enable a remote attacker to conduc...

5.5CVSS5.7AI score0.00232EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2021/09/27 12:0 a.m.5 views

PT-2021-19445 · Furlongm · Openvpn-Monitor

Name of the Vulnerable Software and Affected Versions: furlongm openvpn-monitor versions 1.1.3 and earlier Description: The issue allows for Authorization Bypass, enabling the disconnection of arbitrary clients. Recommendations: For furlongm openvpn-monitor versions 1.1.3 and earlier, update to a...

8.7CVSS7.3AI score0.02448EPSS
Exploits6References14
Rows per page
Query Builder