Security Bulletin: Security Vulnerability in Spring Security Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-41248)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerability in Spring Security Vulnerability Details CVEID:CVE-2025-41248 DESCRIPTION: The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.0.1.13)

The version of AOS installed on the remote host is prior to 7.0.1.13. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.0.1.13 advisory. - Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forg...

EUVD-2018-0586

Malware in sbrugna...

CVE-2025-22235

EndpointRequest.to creates a matcher for null/ if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: You use Spring Security EndpointRequest.to has been used in a Spri...

Improper Password Verification

org.springframework.security, spring-security-crypto is vulnerable to Improper password verification. The vulnerability is due to BCrypt's 72-character password truncation causing BCryptPasswordEncoder.matches to validate only the first 72 characters, allowing incorrect password acceptance...