📄 mPDF 8.1.0 Server-Side Request Forgery / Local File Disclosure / DoS

mPDF version 8.1.0 is vulnerable to multiple security issues related to unsafe handling of external resources, file paths, and image content during HTML-to-PDF rendering. When untrusted or partially trusted HTML input is processed, attackers may exploit insufficient validation to trigger...

CVE-2025-41242

CVE-2025-41242 is a path traversal vulnerability in Spring Framework MVC when deployed on a non‑compliant Servlet container. An app is at risk if it is WAR‑deployed or uses an embedded container, the container does not reject suspicious URI sequences, and the app serves static resources via Sprin...

PT-2022-3546 · Profinet · Profinet

Name of the Vulnerable Software and Affected Versions: PROFINET PNIO stack versions affected versions not specified Description: The issue is related to the improper handling of internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an...

Server classes and resources exposure in OSGi applications using Vaadin 12-14 and 19

Vulnerability in OSGi integration in com.vaadin:flow-server versions 1.2.0 through 2.4.7 Vaadin 12.0.0 through 14.4.9, and 6.0.0 through 6.0.1 Vaadin 19.0.0 allows attacker to access application classes and resources on the server via crafted HTTP request. See CWE-402: Transmission of Private...

Linux kernel resource management error vulnerability (CNVD-2021-20271)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A resource management error vulnerability exists in the Linux kernel. The vulnerability arises from mismanagement of system resources e.g., memory, disk space, files,...