CVE-2019-15485

Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php...

CVE-2019-10417

Jenkins Kubernetes :: Pipeline :: Kubernetes Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...

CVE-2018-19515

In Webgalamb through 7.0, system/ajax.php functionality is supposed to be available only to the administrator. However, by using one of the bgsend, atmentsddd1xGz, or xlsbgimport query parameters, most of these methods become available to unauthenticated users...

CVE-2019-10418

Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...

CVE-2014-9530

A vulnerability exists in nw.js before 0.11.3 when calling nw methods from normal frames, which has an unspecified impact...

CVE-2012-0439

An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code via 1 a pointer argument to the SetEngine method or 2 an XPItem pointer argument to an unspecified method...

CVE-2013-3274

EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors...

CVE-2005-4029

WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could be useful in other attacks such as locking out valid users via brute force methods...

CVE-2003-0249

PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache...

CVE-2003-1001

Buffer overflow in the Cisco Firewall Services Module FWSM in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service crash and reload via HTTP auth requests for 1 TACACS+ or 2 RADIUS authentication...

CVE-2009-5015

The URL dispatch mechanism in TurboGears2 aka tg2 before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors...

CVE-1999-0379

Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting...

GHSA-9PP5-9C7G-4R83 Spring Security authorization bypass for method security annotations on private methods

Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...

Spring Security authorization bypass for method security annotations on private methods

Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...

CVE-2025-41232

Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...

CVE-2025-41232

Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...

CVE-2025-41232 CVE-2025-41232: Spring Security authorization bypass for method security annotations on private methods

Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...

CVE-2025-41232 CVE-2025-41232: Spring Security authorization bypass for method security annotations on private methods

Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...

CVE-2025-41232

CVE-2025-41232 affects multiple IBM and Spring-based products where Spring Security Aspects may fail to locate method security annotations on private methods, enabling potential authorization bypass when using @EnableMethodSecurity(mode=ASPECTJ) with spring-security-aspects and private annotated ...

Outsourcing SAT-Based Verification Computations in Network Security

The emergence of cloud computing gives huge impact on large computations. Cloud computing platforms offer servers with large computation power to be available for customers. These servers can be used efficiently to solve problems that are complex by nature, for example, satisfiability SAT problem...