Lucene search
K

60 matches found

Cvelist
Cvelist
added 2024/01/28 12:0 a.m.33 views

CVE-2024-23742

An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor disputes this because it requires local access to a victim's machine...

9.5AI score0.01695EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/27 12:0 a.m.7 views

PT-2024-20050 · Loom · Loom

Name of the Vulnerable Software and Affected Versions: Loom on macOS version 0.196.1 and before Description: An issue in Loom allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. The vendor disputes this issue because it requires local...

9.8CVSS8AI score0.01695EPSS
Exploits0References8
Spring Security Advisories
Spring Security Advisories
added 2023/12/26 12:0 a.m.18 views

This Year in Spring - 2023

Welcome to another installment of This Week in Spring! It's December 26th, 2023, and we're staring down the new year! And you know what that means, right? It's time for our annual roundup, looking at all the latest and greatest in the wild and wonderful world of Springdom. This is This Year in...

7.1AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/11/23 12:0 a.m.12 views

Spring Tips: Spring Boot 3.2

Hi, Spring fans! In this installment of Spring Tips, I look at the new Spring Boot 3.2 release, due to drop today, the 23rd of November 2023! 23-11-23! We're diving into the cool new features of Spring Boot 3.2 and Java 21. We'll explore how virtual threads from Project Loom make your code run...

7.3AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/10/31 12:0 a.m.21 views

What new is coming in reactor-core 3.6.0?

Reactor 3.6.0 is coming and going to be GA on November 14. This blogpost describes new features that are included in this upcoming release! Virtual Threads support Today, everyone talks about Java 21 and Project Loom. The Project Reactor team hears that and sees value in that project within our...

6.9AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/09/12 12:0 a.m.11 views

This Week in Spring - September 12th, 2023

Hi, Spring fans! Welcome to another installment of This Week in Spring! How are you this fine 12th of September? I'm doing alright, elated, even. I've just returned from beautiful Oslo, Norway, and I've got a busy 30 days or so ahead, starting today. I'm visiting Seattle, WA; Mexico City, Mexico;...

6.8AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/09/09 12:0 a.m.24 views

All together now: Spring Boot 3.2, GraalVM native images, Java 21, and virtual threads with Project Loom,

This has been a very long time in coming, but finally we can create GraalVM native images that use Spring Boot via Spring Boot 3.2 and Java 21's virtual threads Project Loom! Why does all this matter? Each of these individual things, Project Loom, and GraalVM native images, offer compelling runti...

7.2AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/08/29 12:0 a.m.15 views

My SpringOne 2023 Recap

Hi, Spring fans! Look, it's Monday after the first in-person SpringOne of the 2020s and the first since the pandemic, and, being honest, I'm bushed! Vegas is a dizzying, sensational, overwhelming, exciting experience, and SpringOne is too. But it was worth it. The SpringOne show surpassed all...

6.5AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/08/11 12:0 a.m.37 views

A Bootiful Podcast: Spring Cloud cofounder and lead Spencer Gibb on Spring Cloud Gateway for the Servlet API in the era of Project Loom

Hi, Spring fans! In this installment, my first since I returned from two blistering hot but super fun months in Asia, I talk to Spring Cloud cofounder and lead Spencer Gibb @SpencerBGibb about the new Servlet-friendly Spring Cloud Gateway project...

6.8AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/04/06 12:0 a.m.36 views

A Bootiful Podcast: José Paumard, Java Champion alumnus and Java legend, on Project Loom, Valhalla, and more, from Devnexus 2023!

Hi, Spring fans! Welcome to another installment of A Bootiful Podcast. In this installment I'll talk to legendary Oracle Java Champion alumnus, Java advocate, professor emeritus, and all around amiable fellow José Paumard, recorded at the amazing Devnexus 2023 event! José's English-language Youtu...

6.5AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/03/21 12:0 a.m.97 views

This Week in Spring - March 21st, 2023

Hi, Spring fans! Welcome to another rip roaring installment of This Week in Spring! It's March 21st and today they announced Java 20! It's an exciting time to be a Java developer. Java 20, of course, is just another amazing installment before Java 21, which comes out in six short months, includin...

6.6AI score0.03514EPSS
Exploits1
Spring Security Advisories
Spring Security Advisories
added 2023/02/27 12:0 a.m.28 views

Web applications and Project Loom

Introduction Project Loom aims to bring "easy-to-use, high-throughput, lightweight concurrency" to the JRE. One feature introduced by Project Loom is virtual threads. In this blog post, we'll be exploring what virtual threads mean for web applications using some simple web applications deployed o...

6.8AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/02/03 12:0 a.m.36 views

The 2022 State of Spring Survey Report

Hi, Spring fans! You're awesome! I know you're awesome. You know you're awesome. And the Spring team works for you. We like working for you because you dream awesome dreams and build awesome things. And we can't work effectively with and for you if we don't know where everyone stands. Every year ...

7.1AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2022/10/11 7:32 a.m.41 views

Embracing Virtual Threads

Project Loom has made it into the JDK through JEP 425. Its available since Java 19 in September 2022 as a preview feature. Its goal is to dramatically reduce the effort of writing, maintaining, and observing high-throughput concurrent applications. Where Virtual Threads make sense This makes...

7.1AI score
Exploits0
OSV
OSV
added 2019/08/07 3:15 p.m.4 views

CVE-2019-14432

Incorrect authentication of application WebSocket connections in Loom Desktop for Mac up to 0.16.0 allows remote code execution from either malicious JavaScript in a browser or hosts on the same network, during periods in which a user is recording a video with the application. The same attack...

8.8CVSS7.7AI score0.02278EPSS
Exploits0References2
NVD
NVD
added 2019/08/07 3:15 p.m.13 views

CVE-2019-14432

Incorrect authentication of application WebSocket connections in Loom Desktop for Mac up to 0.16.0 allows remote code execution from either malicious JavaScript in a browser or hosts on the same network, during periods in which a user is recording a video with the application. The same attack...

8.8CVSS9.2AI score0.02278EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/08/07 2:56 p.m.19 views

CVE-2019-14432

Incorrect authentication of application WebSocket connections in Loom Desktop for Mac up to 0.16.0 allows remote code execution from either malicious JavaScript in a browser or hosts on the same network, during periods in which a user is recording a video with the application. The same attack...

9.2AI score0.02278EPSS
Exploits0References2
CVE
CVE
added 2019/08/07 2:56 p.m.141 views

CVE-2019-14432

Technical details (affected product/version, root cause, exploitability, fixes) are not publicly provided in the supplied documents. Monitor for updates; no additional specifics are available here.

8.8CVSS9.1AI score0.02278EPSS
Exploits0References2Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Loom Software SurfNow 1.x/2.x Remote HTTP GET Request Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9519/info A problem has been identified in the handling of specific types of requests by SurfNOW. Upon receiving specially crafted HTTP GET requests, it is possible for a remote attacker to crash a vulnerable...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2004/01/28 12:0 a.m.13 views

Loom Software SurfNow 1.x2.x - GET Remote Denial of Service

Loom Software SurfNow 1.x2.x - GET Remote Denial of Service source: https://www.securityfocus.com/bid/9519/info A problem has been identified in the handling of specific types of requests by SurfNOW. Upon receiving specially crafted HTTP GET requests, it is possible for a remote attacker to crash...

0.3AI score
Exploits0
Rows per page
Query Builder