CVE-2026-22753

A flaw was found in Spring Security. When an application uses specific configurations involving securityMatchersString and PathPatternRequestMatcher.Builder to handle servlet paths, the intended security controls may not be applied. This can result in a security bypass, where authentication and...

ManageEngine SupportCenter Plus < 14.9 Build 14940 Privilege Escalation

The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 14.9 Build 14940. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-8309 advisory. - A privilege escalation vulnerability caused by the overly permissive regular expression regex rule...

CVE-2024-51320

Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution via the /servlet/gsdmfsavehtmltmp, /servlet/gsdmbtlkopenfile components...

SUSE CVE-2017-13771

Lexmark Scan To Network SNF 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via requests to 1 cgi-bin/direct/printer/prtappauth/apps/snfDestServlet or 2...