Lucene search
+L

31 matches found

Tenable Nessus
Tenable Nessus
added 2025/07/18 12:0 a.m.85 views

Oracle WebLogic Server (July 2025 CPU)

The 12.2.1.4.0, 14.1.1.0.0, and 14.1.2.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2025 CPU advisory. - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Centralized...

8.8CVSS6.5AI score0.54862EPSS
Exploits8References11
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/08 6:49 a.m.9 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-webflux-5.3.27.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-webflux-5.3.27.jar Vulnerability Details CVEID:CVE-2024-38819 DESCRIPTION: Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks...

7.5CVSS6.8AI score0.54862EPSS
Exploits6Affected Software1
GithubExploit
GithubExploit
added 2025/06/25 6:59 a.m.235 views

Exploit for CVE-2024-38819

CVE-2024-38819: Proof of Concept PoC This is a proof of con...

7.5CVSS7.5AI score0.54862EPSS
Exploits6
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/01 7:49 p.m.13 views

Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to a security information disclosure in VMware Tanzu Spring [CVE-2024-38819]

Summary IBM Watson Speech Services Cartridge is vulnerable to a security information disclosure in VMware Tanzu Spring, due to path traversal exposures through the functional web framework: WebMvc.fn or WebFlux.fn CVE-2024-38819. VMware Tanzu Spring is used in our Speech microservices. This...

7.5CVSS6.3AI score0.54862EPSS
Exploits6Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/04/01 12:0 a.m.16 views

Atlassian Jira Service Management Data Center and Server 5.12.x < 5.12.19 (JSDSERVER-16083)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16083 advisory. - Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn...

7.5CVSS6.4AI score0.54862EPSS
Exploits6References2
Gitee
Gitee
added 2025/03/07 2:11 p.m.120 views

Exploit for CVE-2024-38819

CVE-2024-38819: Proof of Concept PoC This is a proof of concept for the CVE-2024-38819 vulnerability, which I reported, demonstrating a path traversal exploit. Execution Steps 1. Build the Docker image Spring Boot 3.3.4, based on Spring Framework 6.1.13 cd vuln docker build -t cve-2024-38819-poc...

7.5CVSS7.6AI score0.54862EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2024-38819

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can...

7.5CVSS6.7AI score0.54862EPSS
Exploits6References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/27 4:52 p.m.18 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a directory traversal in Spring Framework [CVE-2024-38819]

Summary IBM Watson Speech Services Cartridge is vulnerable to a directory traversal in Spring Framework, caused by improper validation of user request by the functional web frameworks WebMvc.fn or WebFlux.fn CVE-2024-38819. Spring Framework is used by our Speech Microservices. This vulnerabilitiy...

7.5CVSS6.5AI score0.54862EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/07 10:3 a.m.19 views

Security Bulletin: Vulnerability in Spring WebMvc affects watsonx.data

Summary Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. This could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-38819 DESCRIPTION: Applications serving static resources through the functiona...

7.5CVSS6.5AI score0.54862EPSS
Exploits6Affected Software1
GithubExploit
GithubExploit
added 2025/02/07 2:16 a.m.165 views

Exploit for CVE-2024-38819

CVE-2024-38819 01. File-Traversal와 Webflux 개요 - 1 File...

7.5CVSS7.9AI score0.54862EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2025/02/06 12:0 a.m.16 views

Atlassian Confluence 3.x < 7.19.30 / 7.20.x < 8.5.18 / 8.6.x < 9.1.1 / 9.2.0 (CONFSERVER-98842)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98842 advisory. - Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An...

7.5CVSS6.4AI score0.54862EPSS
Exploits6References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.25 views

Security Bulletin: IBM Maximo Application Suite - AI Broker Component component uses spring-webflux-6.1.13.jar which is vulnerable to this CVE-2024-38819

Summary Security Bulletin: IBM Maximo Application Suite - AI Broker Component component uses spring-webflux-6.1.13.jar which is vulnerable to this CVE-2024-38819. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-38819 DESCRIPTION...

7.5CVSS6.6AI score0.54862EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.15 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to spring-webmvc-6.1.11.jar CVE-2024-38819

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to spring-webmvc-6.1.11.jar CVE-2024-38819. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-38819 DESCRIPTION: Applications serving static resources through the...

7.5CVSS6.5AI score0.54862EPSS
Exploits6Affected Software1
vulnersOsv
vulnersOsv
added 2024/12/19 6:31 p.m.10 views

ai.optfor:spring-openai-api (>=0.2.2 <=0.3.25), app.boboc:webflux-websocket-coroutine (>=0.0.6 <=1.0.0) +661 more potentially affected by CVE-2024-38819 via org.springframework:spring-webflux (>=6.0.0 <=6.0.23)

org.springframework:spring-webflux MAVEN version =6.0.0, =0.2.2, =0.0.6, =0.0.6, =4.6.18, =0.14.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0-RC2 and more Source cves: CVE-2024-38819 Source advisory: OSV:GHSA-G5VR-RGQM-VF78...

7.5CVSS6.4AI score0.54862EPSS
Exploits6
vulnersOsv
vulnersOsv
added 2024/12/19 6:31 p.m.9 views

ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.1.0), ai.driftkit:driftkit-chat-assistant-framework (>=0.5.0 <=0.8.7) +3144 more potentially affected by CVE-2024-38819 via org.springframework:spring-webmvc (>=6.1.0 <=6.1.13)

org.springframework:spring-webmvc MAVEN version =6.1.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.5.0, =cloud-0.1, =cloud-0.2.1 - ai.latta:spring =1.0 and more Source cves: CVE-2024-38819 Source advisory: OSV:GHSA-G5VR-RGQM-VF78...

7.5CVSS6.6AI score0.54862EPSS
Exploits6
vulnersOsv
vulnersOsv
added 2024/12/19 6:31 p.m.8 views

RPD:bmc-rpd (=1.1), aendter.jenkins.plugins:filesystem-list-parameter-plugin (>=0.0.1 <=0.0.6) +25453 more potentially affected by CVE-2024-38819 via org.springframework:spring-webmvc (>=1.2.1 <=5.3.39)

org.springframework:spring-webmvc MAVEN version =1.2.1, =0.0.1, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =4.4.0.0, =0.0.12, =0.1.15 and more Source cves: CVE-2024-38819 Source advisory: OSV:GHSA-G5VR-RGQM-VF78...

7.5CVSS6.6AI score0.54862EPSS
Exploits6
vulnersOsv
vulnersOsv
added 2024/12/19 6:31 p.m.9 views

africa.absa:inception-application (>=1.1.0 <=1.2.0), africa.absa:inception-test (>=1.1.0 <=1.2.0) +2757 more potentially affected by CVE-2024-38819 via org.springframework:spring-webflux (>=5.0.0.RELEASE <=5.3.39)

org.springframework:spring-webflux MAVEN version =5.0.0.RELEASE, =1.1.0, =1.1.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =0.0.1, =v0.3.12, =v0.3.12, =v0.3.12, =2.1.2.RELEASE, =4.1.36, =4.1.7, =4.7.1 - br.com.m4rc310:br-com-m4rc310-graphql =1.0.1 - br.com.m4rc310:br-com-m4rc310-libs =1.0.1 and more...

7.5CVSS6.6AI score0.54862EPSS
Exploits6
OSV
OSV
added 2024/12/19 6:15 p.m.24 views

CVE-2024-38819

Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application...

7.5CVSS6.6AI score0.54862EPSS
Exploits6References2
UbuntuCve
UbuntuCve
added 2024/12/19 6:15 p.m.103 views

CVE-2024-38819

Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application...

7.5CVSS6.8AI score0.54862EPSS
Exploits6References2
Cvelist
Cvelist
added 2024/12/19 5:15 p.m.29 views

CVE-2024-38819

Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application...

7.5CVSS0.54862EPSS
Exploits6References1
Rows per page
Query Builder