Lucene search
+L

259 matches found

nvd
nvd
added 2 days ago3 views

CVE-2026-50469

Improper link resolution before file access 'link following' in Windows Projected File System allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00278EPSS
Exploits0References1
cvelist
cvelist
added 2 days ago24 views

CVE-2026-50469 Windows Projected File System Elevation of Privilege Vulnerability

...

7.8CVSS0.00278EPSS
Exploits0References1
cve
cve
added 2 days ago6 views

CVE-2026-50469

CVE-2026-50469 affects Windows Projected File System. The flaw is an improper link resolution before file access (link following) that enables an authenticated local attacker to elevate privileges. Documented impact is privilege escalation with a CVSS 3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H score...

7.8CVSS6AI score0.00278EPSS
Exploits0References1
mscve
mscve
added 2 days ago6 views

Windows Projected File System Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Windows Projected File System allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.00278EPSS
Exploits0
redhatcve
redhatcve
added 2026/07/01 3:32 p.m.15 views

CVE-2026-41721

A flaw was found in Spring Data Commons. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request when Spring Data Web Support is enabled with a Controller method using @ProjectedPayload. This can cause the application to allocate excessive memory, leading to a...

5.9CVSS5.7AI score0.00331EPSS
Exploits0References4
osv
osv
added 2026/06/30 6:20 p.m.5 views

GHSA-8WCJ-MFRC-JX5Q Fission builder pods auto-mount the fission-builder ServiceAccount token in the user-supplied builder container

Summary Fission builder pods were created with ServiceAccountName: fission-builder and no AutomountServiceAccountToken: false, so the kubelet auto-mounted the service-account token into every container in the pod — including the user-supplied builder image. Details The user controls the builder...

4.9CVSS5.8AI score0.00255EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/06/10 9:0 p.m.9 views

CVE-2026-42837

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00326EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/10 9:0 p.m.11 views

CVE-2026-42828

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00326EPSS
Exploits0References1
snyk
snyk
added 2026/06/10 1:13 a.m.10 views

Denial of Service (DoS)

Overview org.springframework.data:spring-data-commons is a maven plugin to centralize common resources and configuration for Spring Data Maven builds. Affected versions of this package are vulnerable to Denial of Service DoS in the parsing of Sort parameters. An attacker can cause a stack overflo...

8.2CVSS5.6AI score0.0028EPSS
Exploits0References2
snyk
snyk
added 2026/06/10 1:13 a.m.8 views

Denial of Service (DoS)

Overview org.springframework.data:spring-data-commons is a maven plugin to centralize common resources and configuration for Spring Data Maven builds. Affected versions of this package are vulnerable to Denial of Service DoS via data binding. An attacker can exhaust system memory resources by...

8.2CVSS5.6AI score0.00331EPSS
Exploits0References2
euvd
euvd
added 2026/06/10 12:31 a.m.13 views

EUVD-2026-35902

Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...

5.9CVSS5.5AI score0.00331EPSS
Exploits0References2
nvd
nvd
added 2026/06/10 12:16 a.m.16 views

CVE-2026-41721

Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...

5.9CVSS0.00331EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/10 12:0 a.m.20 views

VMware Spring Data Commons 资源管理错误漏洞

VMware Spring Data Commons is a data access abstraction framework developed by VMware Corporation in the United States. Vulnerabilities exist in versions 4.0.0 and earlier, as well as versions 3.5.0 and earlier, 3.4.0 and earlier, 3.3.0 and earlier, 3.2.0 and earlier, 3.1.0 and earlier, 3.0.0 and...

5.9CVSS5.3AI score0.00331EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/09 11:48 p.m.9 views

CVE-2026-41721 Spring Data Commons Denial of Service via Data Binding

Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...

5.9CVSS5.4AI score0.00331EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/09 11:48 p.m.43 views

CVE-2026-41721 Spring Data Commons Denial of Service via Data Binding

Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...

5.9CVSS0.00331EPSS
Exploits0References1
cve
cve
added 2026/06/09 11:48 p.m.68 views

CVE-2026-41721

Spring Data Commons vulnerability (CVE-2026-41721) can cause a Denial of Service when Spring Data Web Support is enabled and a controller uses @ProjectedPayload; a specially crafted HTTP request may cause excessive memory allocation. Affected versions include Spring Data Commons 4.0.0–4.0.5; 3.5....

5.9CVSS5.5AI score0.00331EPSS
Exploits0References1Affected Software1
osv
osv
added 2026/06/09 11:48 p.m.4 views

CVE-2026-41721 Spring Data Commons Denial of Service via Data Binding

Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...

5.9CVSS5.8AI score0.00331EPSS
Exploits0References3
euvd
euvd
added 2026/06/09 6:30 p.m.11 views

EUVD-2026-35533

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00326EPSS
Exploits0References2
nvd
nvd
added 2026/06/09 5:17 p.m.17 views

CVE-2026-42837

Out-of-bounds read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00326EPSS
Exploits0References1
nvd
nvd
added 2026/06/09 5:17 p.m.13 views

CVE-2026-42828

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00326EPSS
Exploits0References1
Rows per page
Query Builder