Lucene search
K

11 matches found

EUVD
EUVD
added 11 hours ago4 views

EUVD-2026-42435

A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via...

8.8CVSS6.3AI score
Exploits0References2
CVE
CVE
added yesterday8 views

CVE-2026-10037

CVE-2026-10037 describes a sandbox escape in Ubuntu’s OpenJDK packages. The issue arises from .jar MIME handlers installed by these packages executing files marked as executable when the mailcap package is present. A compromised sandboxed application with access to the OpenURI portal via xdg-desk...

8.8CVSS6.3AI score
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2024/08/29 12:0 a.m.85 views

Spring Boot CDS support and Project Leyden anticipation

How can Spring Boot developers improve the runtime efficiency of their applications with minimal constraints in order to enjoy those benefits on most applications? The answer is the CDS support introduced by Spring Boot 3.3 which allows you to start your Spring Boot applications faster and consum...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.30 views

Debian: Security Advisory (DLA-150-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.11562EPSS
Exploits0References2
OSV
OSV
added 2022/04/01 11:15 p.m.10 views

DEBIAN-CVE-2022-22965

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution RCE via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is...

9.8CVSS8.4AI score0.99677EPSS
Exploits102References1
Debian CVE
Debian CVE
added 2022/04/01 10:17 p.m.153 views

CVE-2022-22965

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution RCE via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is...

9.8CVSS9.2AI score0.99677EPSS
Exploits102
UbuntuCve
UbuntuCve
added 2022/04/01 12:0 a.m.97 views

CVE-2022-22965

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution RCE via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is...

9.8CVSS7.5AI score0.99677EPSS
Exploits102References7
ATTACKERKB
ATTACKERKB
added 2022/04/01 12:0 a.m.79 views

CVE-2022-22965

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution RCE via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is...

9.8CVSS8.8AI score0.99677EPSS
In wildExploits102References9
Carbon Black Blog
Carbon Black Blog
added 2019/02/11 12:45 p.m.72 views

TAU Threat Intelligence Notification: Java Embedded MSI Files

Summary Application whitelisting provides environments with access controls to stop unauthorized software from executing. This is accomplished by utilizing file and folder attributes including but not limited to file path, filename, digital signature, publisher, cryptographic hash and product nam...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.42 views

Debian DLA-150-1 : unzip security update

A flaw was found in the testcompreb function allowing out-of-bounds read and write access to memory locations. By carefully crafting a corrupt ZIP archive an attacker can trigger a heap overflow, resulting in application crash or possibly having other unspecified impact. Additionally this update...

7.8CVSS6.3AI score0.11562EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/02/02 12:0 a.m.26 views

Debian: Security Advisory (DSA-3152-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.11562EPSS
Exploits0References3
Rows per page
Query Builder