3366 matches found
CVE-2012-0439
An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code via 1 a pointer argument to the SetEngine method or 2 an XPItem pointer argument to an unspecified method...
CVE-2013-3274
EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors...
CVE-2005-4029
WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could be useful in other attacks such as locking out valid users via brute force methods...
CVE-2003-0249
PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache...
CVE-2003-1001
Buffer overflow in the Cisco Firewall Services Module FWSM in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service crash and reload via HTTP auth requests for 1 TACACS+ or 2 RADIUS authentication...
CVE-2009-5015
The URL dispatch mechanism in TurboGears2 aka tg2 before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors...
CVE-1999-0379
Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting...
GHSA-9PP5-9C7G-4R83 Spring Security authorization bypass for method security annotations on private methods
Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...
Spring Security authorization bypass for method security annotations on private methods
Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...
CVE-2025-41232
Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...
CVE-2025-41232
Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...
CVE-2025-41232
CVE-2025-41232 affects multiple IBM and Spring-based products where Spring Security Aspects may fail to locate method security annotations on private methods, enabling potential authorization bypass when using @EnableMethodSecurity(mode=ASPECTJ) with spring-security-aspects and private annotated ...
CVE-2025-41232 CVE-2025-41232: Spring Security authorization bypass for method security annotations on private methods
Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...
CVE-2025-41232 CVE-2025-41232: Spring Security authorization bypass for method security annotations on private methods
Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...
VMware Spring Security 安全漏洞
VMware Spring Security is a set of security frameworks from VMware, Inc. that provide illustrative security protection for Spring-based applications. A security vulnerability exists in VMware Spring Security versions 6.4.0 through 6.4.5 that stems from not properly locating security annotations o...
Outsourcing SAT-Based Verification Computations in Network Security
The emergence of cloud computing gives huge impact on large computations. Cloud computing platforms offer servers with large computation power to be available for customers. These servers can be used efficiently to solve problems that are complex by nature, for example, satisfiability SAT problem...
UBUNTU-CVE-2025-37905
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Balance device refcount when destroying devices Using devicefindchild to lookup the proper SCMI device to destroy causes an unbalance in device refcount, since devicefindchild calls an implicit getdevice: this,...
Adaptive Pruning of Deep Neural Networks for Resource-Aware Embedded Intrusion Detection on the Edge
Artificial neural network pruning is a method in which artificial neural network sizes can be reduced while attempting to preserve the predicting capabilities of the network. This is done to make the model smaller or faster during inference time. In this work we analyze the ability of a selection...
BeamClean: Language Aware Embedding Reconstruction
In this work, we consider an inversion attack on the obfuscated input embeddings sent to a language model on a server, where the adversary has no access to the language model or the obfuscation mechanism and sees only the obfuscated embeddings along with the model's embedding table. We propose...
Fragments to Facts: Partial-Information Fragment Inference from LLMs
Large language models LLMs can leak sensitive training data through memorization and membership inference attacks. Prior work has primarily focused on strong adversarial assumptions, including attacker access to entire samples or long, ordered prefixes, leaving open the question of how vulnerable...