Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization causing web security to be ineffective and allowing unauthorized access to all endpoints. Note: This is only exploitable if the following conditions are met: - the application is servlet-based; - the application ha...

be.appify.prefab:prefab-security (>=0.2.0 <=0.7.5), ch.admin.bit.jeap:jeap-audit-command-builder (>=7.0.0-alpha-springboot4 <=7.1.0-alpha-springboot4) +681 more potentially affected by CVE-2026-40976 via org.springframework.boot:spring-boot-security (>=4.0.0-M1 <=4.0.5)

org.springframework.boot:spring-boot-security MAVEN version =4.0.0-M1, =0.2.0, =7.0.0-alpha-springboot4, =2.0.0-alpha-springboot4, =5.0.0-alpha-springboot4, =9.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4,...

CVE-2021-27097

The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT...

EUVD-2016-1520

Malware in sbrugna...

EUVD-2022-48109

Malicious code in bioql PyPI...

EUVD-2024-37027

Malicious code in bioql PyPI...

EUVD-2023-48035

Malicious code in bioql PyPI...

CVE-2023-33017

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot...

CVE-2019-14201

An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfshandler reply helper function: nfslookupreply...

grub2: UFS: Integer overflow may lead to heap based out-of-bounds write when handling symlinks

A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grubmalloc may be called with a smaller...

DLA-4150-1 u-boot - security update

Bulletin has no description...

SUSE-SU-2025:0817-1 Security update for u-boot

This update for u-boot fixes the following issues: - CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function bsc1237284. - CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator bsc1237287...

SUSE-SU-2025:0763-1 Security update for u-boot

This update for u-boot fixes the following issues: - CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function bsc1237284. - CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator bsc1237287...

CVE-2025-0685

A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some o...

IceCMS Authentication Error Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation . An authentication bypass vulnerability exists in IceCMS v3.4.7 and earlier versions, which stems from the inclusion of hard-coded JWT keys that can be exploited by an attacker to forge JWT...

PT-2024-5891 · Unknown · Uefi Firmware

Name of the Vulnerable Software and Affected Versions: UEFI firmware affected versions not specified Description: A vulnerability related to the use of an insecure Platform Key PK has been discovered. An attacker with the compromised PK private key can create malicious UEFI software that is signe...

my-springsecurity-plus SQL Injection Vulnerability

my-springsecurity-plus is an RBAC backend privilege management system based on SpringBoot and SpringSecurity by codermy individual developer. A SQL injection vulnerability exists in my-springsecurity-plus prior to version 2024.07.03, which stems from an unknown function in the file /api/dept/buil...

Microsoft Windows Multiple Vulnerabilities (KB5036925)

This host is missing a critical security update according to Microsoft KB5036925 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-20689

Secure Boot Security Feature Bypass Vulnerability...

KB5036896: Windows 10 version 1809 / Windows Server 2019 Security Update (April 2024)

The remote Windows host is missing security update 5036896. It is, therefore, affected by multiple vulnerabilities - SmartScreen Prompt Security Feature Bypass Vulnerability CVE-2024-29988 - Secure Boot Security Feature Bypass Vulnerability CVE-2024-20669, CVE-2024-26168, CVE-2024-26171,...