13 matches found
EUVD-2025-24015
Malicious code in bioql PyPI...
CVE-2025-8738
A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...
CVE-2025-8738
A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...
CVE-2025-8738 zlt2000 microservices-platform Spring Actuator Interface actuator information disclosure
A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...
CVE-2025-8738 zlt2000 microservices-platform Spring Actuator Interface actuator information disclosure
A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...
CVE-2025-8738
CVE-2025-8738 affects zlt2000 microservices-platform
PT-2025-32409 · Unknown · Spring Actuator Interface +1
Name of the Vulnerable Software and Affected Versions: zlt2000 microservices-platform versions through 6.0.0 Description: A vulnerability exists in zlt2000 microservices-platform. The issue affects unknown code within the /actuator file of the Spring Actuator Interface component, leading to...
CVE-2025-8525
A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown part of the component Spring Boot Admin/Spring Actuator. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-8525
A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown part of the component Spring Boot Admin/Spring Actuator. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-8525
CVE-2025-8525 affects Exrick xboot up to 3.3.4, with a root cause tied to an information disclosure in the area of Spring Boot Admin/Spring Actuator . The vulnerability can be triggered remotely and the exploit has been publicly disclosed. Multiple connected sources corroborate the same impact an...
CVE-2025-8525 Exrick xboot Spring Boot Admin/Spring Actuator information disclosure
A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown part of the component Spring Boot Admin/Spring Actuator. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been...
LY Corporation: Spring Actuator endpoints publicly available, leading to account takeover
Due to insufficient access controls, it was possible to access the Spring Boot Actuator endpoints /heapdump and /env. The /heapdump endpoint leaks data from the Java Virtual Machine, leading to disclosure of admin credentials, user tokens and a combination of other data. This endpoint was not...
Design/Logic Flaw
Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.16, 2.4.x prior to 2.4.12, 2.5.x prior to 2.5.8, and 2.6.x prior to 2.6.3, makes a request to the /cloudapplication endpoint via Spring actuator, and subsequent requests via unsecured http. An adjacent...