Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/10/24 11:46 a.m.157 views

Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities fixed in 9.7.2.7

Summary cURL libcurl, Apache Xerces2 Java, Apache Jena, Spring Framework, json-smart-v1 and json-smart-v2 , libxml2, Apache Standard Taglibs , Apache ActiveMQ, Apache Commons Codec are identified as vulnerable components with multiple reported vulnerabilities, CVE-2022-35260, CVE-2022-42915,...

9.8CVSS10AI score0.99677EPSS
Exploits130Affected Software1
The Hacker News
The Hacker News
added 2022/03/31 3:35 p.m.100 views

Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework

The maintainers of Spring Framework have released an emergency patch to address a newly disclosed remote code execution flaw that, if successfully exploited, could allow an unauthenticated attacker to take control of a targeted system. Tracked as CVE-2022-22965, the high-severity flaw impacts...

9.8CVSS0.99677EPSS
Exploits102
The Hacker News
The Hacker News
added 2022/03/31 5:52 a.m.320 views

Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security

A zero-day remote code execution RCE vulnerability has come to light in the Spring framework shortly after a Chinese security researcher briefly leaked a proof-of-concept PoC exploit on GitHub before deleting their account. According to cybersecurity firm Praetorian, the unpatched flaw impacts...

9.8CVSS9.3AI score0.99939EPSS
Exploits46
Tenable Nessus
Tenable Nessus
added 2014/03/31 12:0 a.m.38 views

Debian DSA-2890-1 : libspring-java - security update

Two vulnerabilities were discovered in libspring-java, the Debian package for the Java Spring framework. - CVE-2014-0054 Jaxb2RootElementHttpMessageConverter in Spring MVC processes external XML entities. - CVE-2014-1904 Spring MVC introduces a cross-site scripting vulnerability if the action on ...

6.8CVSS8.1AI score0.91354EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2014/03/28 12:0 a.m.33 views

Debian: Security Advisory (DSA-2890-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.5AI score0.91354EPSS
Exploits0References3
Rows per page
Query Builder