Lucene search
+L

12 matches found

Spring Security Advisories
Spring Security Advisories
added 2025/08/07 12:0 a.m.7 views

A Bootiful Podcast: Andrew Lombardi, Beginning Spring AI co-author, and friend of the show

Hi, Spring fans! In this installment I am thrilled to talk to my longtime friend Andrew Lombardi about the latest-and-greatest, his new book Beginning Spring AI , and more...

7.2AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2024/04/03 12:0 a.m.35 views

This Week in Spring - April 2nd, 2024

Welcome, welcome, welcome, to another installment of This Week in Spring! You know, we've come a long way since you and I last spoke. It's April already! A new month! How bizarre. And, with the dawning of a new month, we're also more than 25% through this year! I sure hope you're paying attention...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/02/13 12:0 a.m.7 views

PT-2023-19946 · Nextcloud · Nextcloud Mail

Name of the Vulnerable Software and Affected Versions: Nextcloud Mail versions prior to 2.2.1 Nextcloud Mail versions prior to 1.14.5 Nextcloud Mail versions prior to 1.12.9 Nextcloud Mail versions prior to 1.11.8 Description: Nextcloud Mail is an email app for the Nextcloud home server platform...

5.3CVSS5.1AI score0.0046EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2022/08/23 12:0 a.m.1 views

CVE-2021-28861

Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple / at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states...

6.3AI score0.0199EPSS
Exploits0References18
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.5 views

An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to itself in certain scenarios involving lots of '*' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service.

...

5.5CVSS5.9AI score0.01588EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2020/04/21 11:26 a.m.7 views

OpenJDK: Application data accepted before TLS handshake completion (JSSE, 8235691)

A flaw was found in the TLS/SSL implementation in the JSSE component of OpenJDK, where it did not properly handle application data packets received before the handshake completion. This flaw allowed unauthorized injection of data at the beginning of a TLS session...

7.5CVSS7.3AI score0.02698EPSS
Exploits0References4
NVD
NVD
added 2019/08/16 4:15 a.m.19 views

CVE-2018-20969

doedscript in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter...

9.3CVSS7.3AI score0.02706EPSS
Exploits1References9
OSV
OSV
added 2019/04/21 2:29 a.m.3 views

DEBIAN-CVE-2019-11389

An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with next at the beginning and nested repetition operators. NOTE: the...

5.3CVSS6.9AI score0.01671EPSS
Exploits1References1
OSV
OSV
added 2019/01/15 12:29 a.m.3 views

DEBIAN-CVE-2019-6293

An issue was discovered in the function markbeginningasnormal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the markbeginningasnormal function making recursive calls to itself in certain scenarios involving lots of '' characters. Remote attackers could leverage this...

5.5CVSS7.5AI score0.01588EPSS
Exploits1References1
OSV
OSV
added 2019/01/15 12:29 a.m.7 views

AZL-6424 CVE-2019-6293 affecting package flex for versions less than 2.6.4-7

An issue was discovered in the function markbeginningasnormal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the markbeginningasnormal function making recursive calls to itself in certain scenarios involving lots of '' characters. Remote attackers could leverage this...

5.5CVSS6.5AI score0.01588EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2019/01/15 12:0 a.m.5 views

PT-2019-18080 · Gnu +1 · Flex +1

Name of the Vulnerable Software and Affected Versions: flex version 2.6.4 Description: The issue is caused by the mark beginning as normal function making recursive calls to itself in certain scenarios involving lots of '' characters, leading to a stack exhaustion problem. Remote attackers could...

5.5CVSS5.5AI score0.01588EPSS
Exploits1References11
Debian CVE
Debian CVE
added 2005/02/06 5:0 a.m.30 views

CVE-2005-0173

squidldapauth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists ACLs via a username with a space at the beginning or end, which is ignored by the LDAP server...

7.5CVSS6.4AI score0.31942EPSS
Exploits0
Rows per page
Query Builder