Lucene search
K

8 matches found

NVD
NVD
added 2026/04/29 12:16 p.m.7 views

CVE-2026-22740

A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully processed. This allows an attacker to consume available disk space. Older, unsupported versions are...

6.5CVSS0.00344EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.6 views

PT-2025-44440

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.0 through 7.4.3.119 Liferay DXP versions 2023.Q3.1 through 2023.Q4.10 Liferay DXP versions 2024.Q1.1 through 2024.Q1.5 Liferay Portal versions 7.4 GA through update 92 Older unsupported versions Description The...

6.9CVSS6.8AI score0.00384EPSS
Exploits0References12
OSV
OSV
added 2025/09/16 1:16 p.m.5 views

CVE-2025-55116

A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions...

9.3CVSS6AI score0.0015EPSS
Exploits0References2
OSV
OSV
added 2024/03/20 4:15 a.m.2 views

UBUNTU-CVE-2024-22258

Spring Authorization Server versions 1.0.0 - 1.0.5, 1.1.0 - 1.1.5, 1.2.0 - 1.2.2 and older unsupported versions are susceptible to a PKCE Downgrade Attack for Confidential Clients. Specifically, an application is vulnerable when a Confidential Client uses PKCE for the Authorization Code Grant. An...

6.1CVSS5.8AI score0.00522EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.6 views

SUSE CVE-2018-1270

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user or attacker can craft a message to...

9.8CVSS8.4AI score0.77245EPSS
Exploits5References2
RedHat Linux
RedHat Linux
added 2022/09/08 11:31 a.m.5 views

springframework: malicious input leads to insertion of additional log entries

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries...

4.3CVSS6.8AI score0.01268EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/04/01 11:15 p.m.6 views

CVE-2022-22950

n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition...

6.5CVSS6.9AI score0.35834EPSS
Exploits0References2
OSV
OSV
added 2022/04/01 11:15 p.m.3 views

UBUNTU-CVE-2022-22950

n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition...

6.5CVSS5.8AI score0.35834EPSS
Exploits0References3
Rows per page
Query Builder