GHSA-J7J9-5253-F7VH Valtimo has SpEL injection via StandardEvaluationContext that allows Remote Code Execution by admin users
Summary: Multiple classes evaluate Spring Expression Language (SpEL) expressions from user-supplied input using StandardEvaluationContext, which provides unrestricted access to Java types and methods. An authenticated user with the ADMIN role can achieve Remote Code Execution and credential...
PT-2026-38275
Name of the Vulnerable Software and Affected Versions: com.ritense.valtimo:document versions 12.0.0 through 12.31.0; com.ritense.valtimo:case versions 13.0.0 through 13.22.0; com.ritense.valtimo:contract versions 13.4.0 through 13.22.0. Description: Valtimo is an open-source business process automatio...
April 25, 2023—KB5025298 (OS Build 22000.1880) Preview
April 25, 2023—KB5025298 (OS Build 22000.1880) Preview. 3/28/23 IMPORTANT: Starting in April 2023, optional, non-security preview updates will release on the fourth Tuesday of the month. For more information, see Windows monthly updates explained. For information about Windows update terminology, see...
How to configure Image portability service to migrate an Image to Azure Cloud?
CVE-2021-21481
The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform an authorization check. This might allow an unauthorized attacker to access configuration objects, including such that grant administrative privileges. This could result in...
CA BrightStor HSM Engine Detection (UDP)
The remote service is a BrightStor HSM Engine, the engine component of BrightStor Hierarchical Storage Manager, which is used to manage files on the remote host as part of an enterprise-grade tiered storage solution. (C) Tenable Network Security, Inc. include("compat.inc"); if description...