Lucene search

7 matches found

Spring Engineering
added 2025/10/14 12:0 a.m., 3 views

Spring Session MongoDB: Now Led by MongoDB Team

It gives me great pleasure to announce that the Spring Session MongoDB project will now be led by the MongoDB Team. NOTE: This announcement is in alignment with our announcement Spring Session Hazelcast: Now Led by Hazelcast Team. For ten years Spring Session has provided the infrastructure for...

AI score: 6.7
Exploits: 0

Spring Engineering
added 2025/10/14 12:0 a.m., 2 views

Spring Session Hazelcast: Now Led by Hazelcast Team

It gives me great pleasure to announce that the Spring Session Hazelcast project will now be led by the Hazelcast Team. NOTE: This announcement is in alignment with our announcement Spring Session MongoDB: Now Led by MongoDB Team. For ten years Spring Session has provided the infrastructure for...

AI score: 6.5
Exploits: 0

Spring Engineering
added 2025/09/11 12:0 a.m., 2 views

Spring Authorization Server moving to Spring Security 7.0

Spring Authorization Server has come a long way since 1.0 was officially released in November 2022. Starting as a project separate from Spring Security has allowed it to iterate quickly on feature development and ultimately grow a rich feature set for building OAuth2 Authorization Servers. It ha...

AI score: 6.8
Exploits: 0

Positive Technologies
added 2025/09/04 12:0 a.m., 3 views

PT-2025-35893

Name of the Vulnerable Software and Affected Versions: Vaadin versions 7.0.0 through 7.7.47; Vaadin versions 8.0.0 through 8.28.1; Vaadin versions 14.0.0 through 14.13.0; Vaadin versions 23.0.0 through 23.6.1; Vaadin versions 24.0.0 through 24.7.6. Description: The Vaadin Upload component’s start...

CVSS: 5.3, AI score: 6.6, EPSS: 0.00127
Exploits: 0, References: 5

Vaadin
added 2023/06/22 12:0 a.m., 64 views

Apache Commons FileUpload - DoS with excessive parts

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option...

CVSS: 7.5, AI score: 6.8, EPSS: 0.339
Exploits: 1, Affected Software: 2

Vaadin
added 2021/03/29 12:0 a.m., 20 views

Server classes and resources exposure in OSGi applications using Vaadin 12-14 and 19

Vulnerability in OSGi integration in com.vaadin:flow-server versions 1.2.0 through 2.4.7 (Vaadin 12.0.0 through 14.4.9), and 6.0.0 through 6.0.1 (Vaadin 19.0.0) allows attacker to access application classes and resources on the server via crafted HTTP request. See CWE-402: Transmission of Private...

CVSS: 8.6, AI score: 0.9, EPSS: 0.01802
Exploits: 0, References: 3, Affected Software: 2

Vaadin
added 2019/07/04 12:0 a.m., 36 views

Stored cross-site scripting in Grid component in Vaadin 7 and 8

Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 (Vaadin 7.4.0 through 7.7.19), and 8.0.0 through 8.8.4 (Vaadin 8.0.0 through 8.8.4) allows attacker to inject malicious JavaScript via unspecified vector. See CWE-80: Improper Neutralization of...

CVSS: 6.1, AI score: 1.4, EPSS: 0.00347
Exploits: 0, References: 2, Affected Software: 2