Lucene search
+L

170 matches found

Nuclei
Nuclei
added 3 days ago22 views

Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution

Spring Data REST 2.6.9 and 3.0.1, Spring Boot 1.5.9 and 2.0 M6 contain a remote code execution caused by processing malicious PATCH requests with crafted JSON data, letting attackers execute arbitrary Java code, exploit requires sending malicious PATCH requests. id: CVE-2017-8046 info: name: Spri...

9.8CVSS7.5AI score0.74355EPSS
Exploits8References5
NVD
NVD
added 2026/07/08 5:17 p.m.9 views

CVE-2026-29009

U-Boot through 2026.04-rc3 contains a buffer overflow vulnerability in nfsreadlinkreply net/nfs-common.c when CONFIGCMDNFS is enabled, allowing a malicious or compromised NFS server to overflow the 2048-byte nfspathbuff buffer by returning multiple relative symlink targets that are appended witho...

8.8CVSS0.00438EPSS
Exploits0References4
NVD
NVD
added 2026/07/08 5:17 p.m.8 views

CVE-2026-29007

U-Boot through 2026.04-rc3 contains an out-of-bounds read vulnerability in tcprxstatemachine net/tcp.c when CONFIGPROTTCP is enabled, allowing remote attackers to read beyond TCP segment boundaries by crafting a malicious packet with a mismatched IP total length and TCP data offset field. Attacke...

6.9CVSS0.00472EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.8 views

Debian dla-4642 : u-boot - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4642 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4642-1 [email protected]...

8.8CVSS6AI score0.00598EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.33 views

CVE-2026-45588 Secure Boot Security Feature Bypass Vulnerability

...

7.9CVSS0.00303EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.23 views

Secure Boot Security Feature Bypass Vulnerability

No cwe for this issue in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...

7.9CVSS7.2AI score0.01028EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation with an unvalidated length at nfsreadlinkreply in the “else” block, after calculating the new path length...

9.8CVSS7AI score0.0235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation with a failed length check at nfsreadreply, when calling storeblock in the NFSv3 case...

9.8CVSS7.1AI score0.0235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в u-boot

Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur due to a crafted squashfs filesystem using sbrk, request2size, or because ptrdifft is mishandled on x8664...

7.8CVSS7.4AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is a stack-based buffer overflow in the nfshandler reply helper function: nfsmountreply...

9.8CVSS7.6AI score0.02488EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/12 12:33 a.m.105 views

Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Demo Khai thác Lỗ hổng Log4Shell CVE-2021-44228 Dự án này m...

10CVSS7.5AI score0.99999EPSS
Exploits354
vulnersOsv
vulnersOsv
added 2026/04/28 12:31 a.m.21 views

africa.absa:inception-api (>=1.0.0 <=1.2.0), africa.absa:inception-application (>=1.0.0 <=1.2.0) +39336 more potentially affected by CVE-2026-40973 via org.springframework.boot:spring-boot (>=1.0.0.RELEASE <=2.7.3)

org.springframework.boot:spring-boot MAVEN version =1.0.0.RELEASE, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =4.4.0.0, =4.6.0.0 and more Source cves: CVE-2026-40973 Source advisory: OSV:GHSA-WWPQ-F5C3-7HVX...

7CVSS5.7AI score0.00136EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/28 12:31 a.m.10 views

ai.driftkit:driftkit-audio-core (>=0.5.0 <=0.8.3), ai.driftkit:driftkit-audio-spring-boot-starter (>=0.5.0 <=0.8.7) +4998 more potentially affected by CVE-2026-40973 via org.springframework.boot:spring-boot (>=3.3.0 <=3.3.13)

org.springframework.boot:spring-boot MAVEN version =3.3.0, =0.5.0, =0.5.0, =0.5.0, =0.5.8, =0.5.0, =0.5.7, =0.5.0, =0.6.0, =0.6.0, =0.5.0, =0.5.0, =0.5.0, =0.7.9, =0.6.0, =0.6.0, =0.8.7 and more Source cves: CVE-2026-40973 Source advisory: OSV:GHSA-WWPQ-F5C3-7HVX...

7CVSS5.7AI score0.00136EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/28 12:31 a.m.20 views

ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +5714 more potentially affected by CVE-2026-40973 via org.springframework.boot:spring-boot (>=3.5.0 <=3.5.13)

org.springframework.boot:spring-boot MAVEN version =3.5.0, =0.1.0, =0.1.0, =0.8.0, =0.7.0, =0.7.0, =0.8.0, =0.7.0, =1.0.0, =1.0.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.6 and more Source cves: CVE-2026-40973 Source advisory: OSV:GHSA-WWPQ-F5C3-7HVX...

7CVSS5.7AI score0.00136EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/23 12:0 a.m.12 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +5248 more potentially affected by CVE-2026-40975 via org.springframework.boot:spring-boot (>=4.0.0-M1 <=4.0.5)

org.springframework.boot:spring-boot MAVEN version =4.0.0-M1, =0.1.0, =0.1.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.7.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0-beta-2 and more Source cves: CVE-2026-40975 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKBOOT-16191649...

8.2CVSS5.7AI score0.00312EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/23 12:0 a.m.8 views

ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +21083 more potentially affected by CVE-2026-40977 via org.springframework.boot:spring-boot (>=3.0.0 <=3.5.13)

org.springframework.boot:spring-boot MAVEN version =3.0.0, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo =0.1.0 -...

6.7CVSS5.7AI score0.00112EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/14 4:57 p.m.2 views

CVE-2026-26175 Windows Boot Manager Security Feature Bypass Vulnerability

...

4.6CVSS5.8AI score0.00395EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:10 p.m.12 views

CVE-2018-18558

An issue was discovered in Espressif ESP-IDF 2.x and 3.x before 3.0.6 and 3.1.x before 3.1.1. Insufficient validation of input data in the 2nd stage bootloader allows a physically proximate attacker to bypass secure boot checks and execute arbitrary code, by crafting an application binary that...

6.9CVSS7.5AI score0.0039EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:52 a.m.8 views

CVE-2022-33967

squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service DoS condition or arbitrary code...

7.8CVSS7.6AI score0.00516EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2025-61661

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader mishandles string conversion when...

4.8CVSS5.7AI score0.00172EPSS
Exploits0References4
Rows per page
Query Builder