Lucene search
+L

13 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-24015

Malicious code in bioql PyPI...

6.9CVSS5.6AI score0.00369EPSS
Exploits0References5
redhatcve
redhatcve
added 2025/08/10 8:28 p.m.21 views

CVE-2025-8738

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...

6.9CVSS7AI score0.00369EPSS
Exploits0References1
nvd
nvd
added 2025/08/08 8:15 p.m.6 views

CVE-2025-8738

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...

6.9CVSS0.00369EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2025/08/08 8:2 p.m.5 views

CVE-2025-8738 zlt2000 microservices-platform Spring Actuator Interface actuator information disclosure

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...

6.9CVSS7AI score0.00369EPSS
Exploits0References5
cve
cve
added 2025/08/08 8:2 p.m.19 views

CVE-2025-8738

CVE-2025-8738 affects zlt2000 microservices-platform

6.9CVSS7AI score0.00369EPSS
Exploits0References5
cvelist
cvelist
added 2025/08/08 8:2 p.m.18 views

CVE-2025-8738 zlt2000 microservices-platform Spring Actuator Interface actuator information disclosure

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...

6.9CVSS0.00369EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2025/08/08 12:0 a.m.8 views

PT-2025-32409 · Unknown · Spring Actuator Interface +1

Name of the Vulnerable Software and Affected Versions: zlt2000 microservices-platform versions through 6.0.0 Description: A vulnerability exists in zlt2000 microservices-platform. The issue affects unknown code within the /actuator file of the Spring Actuator Interface component, leading to...

6.9CVSS5.3AI score0.00369EPSS
Exploits0References8
redhatcve
redhatcve
added 2025/08/06 8:37 p.m.7 views

CVE-2025-8525

A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown part of the component Spring Boot Admin/Spring Actuator. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been...

6.9CVSS5AI score0.00433EPSS
Exploits1References1
osv
osv
added 2025/08/04 8:32 p.m.7 views

CVE-2025-8525 Exrick xboot Spring Boot Admin/Spring Actuator information disclosure

A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown part of the component Spring Boot Admin/Spring Actuator. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been...

6.9CVSS5.1AI score0.00433EPSS
Exploits1References7
vulnrichment
vulnrichment
added 2025/08/04 8:32 p.m.4 views

CVE-2025-8525 Exrick xboot Spring Boot Admin/Spring Actuator information disclosure

A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown part of the component Spring Boot Admin/Spring Actuator. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been...

6.9CVSS6.7AI score0.00433EPSS
Exploits1References5
cve
cve
added 2025/08/04 8:32 p.m.26 views

CVE-2025-8525

CVE-2025-8525 affects Exrick xboot up to 3.3.4, with a root cause tied to an information disclosure in the area of Spring Boot Admin/Spring Actuator . The vulnerability can be triggered remotely and the exploit has been publicly disclosed. Multiple connected sources corroborate the same impact an...

6.9CVSS5.2AI score0.00433EPSS
Exploits1References5Affected Software1
hackerone
hackerone
added 2020/04/29 5:29 p.m.37 views

LY Corporation: Spring Actuator endpoints publicly available, leading to account takeover

Due to insufficient access controls, it was possible to access the Spring Boot Actuator endpoints /heapdump and /env. The /heapdump endpoint leaks data from the Java Virtual Machine, leading to disclosure of admin credentials, user tokens and a combination of other data. This endpoint was not...

6.8AI score
Exploits0
prion
prion
added 2019/08/19 3:15 p.m.19 views

Design/Logic Flaw

Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.16, 2.4.x prior to 2.4.12, 2.5.x prior to 2.5.8, and 2.6.x prior to 2.6.3, makes a request to the /cloudapplication endpoint via Spring actuator, and subsequent requests via unsecured http. An adjacent...

4.8CVSS5.5AI score0.00336EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder