
1711 matches found

IBM Security Bulletins
added 2023/07/28 4:48 p.m. | 65 views

Security Bulletin: Multiple VMware Tanzu Spring Vulnerabilities Affect IBM OpenPages with Watson (CVE-2022-22968, CVE-2022-22970, CVE-2022-22971)

Summary Spring Framework open source library is used by IBM OpenPages with Watson. Multiple vulnerabilities are being disclosed from Spring Framework within this bulletin. These vulnerabilities are addressed. Vulnerability Details CVEID:CVE-2022-22968 DESCRIPTION: Spring Framework could provide...

6.5 CVSS | 6.4 AI score | 0.2051 EPSS
Exploits 3 | Affected Software 1

IBM Security Bulletins
added 2023/07/28 4:47 p.m. | 78 views

Security Bulletin: A VMware Tanzu Spring Vulnerability Affects IBM OpenPages with Watson (CVE-2022-22950)

Summary There is a vulnerability in the Spring Framework open source library used by IBM OpenPages with Watson. This affects the IBM OpenPages application server. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2022-22950 DESCRIPTION: VMware Tanzu Spring Framework is...

6.5 CVSS | 6.9 AI score | 0.02461 EPSS
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2023/07/27 7:20 p.m. | 61 views

Security Bulletin: Multiple vulnerabilities affect embedded Content Management Interoperability Service in IBM Business Automation Workflow - CVE-2023-20861, CVE-2023-20863

Summary Embedded Content Management Interoperability Service in IBM Business Automation Workflow is affected by multiple Spring framework vulnerabilities Vulnerability Details CVEID:CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper...

6.5 CVSS | 7.2 AI score | 0.01066 EPSS
Exploits 1 | Affected Software 2

IBM Security Bulletins
added 2023/07/27 5:45 p.m. | 36 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in Pivotal Spring Framework [CVE-2016-1000027]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in Pivotal Spring Framework, caused by an unsafe deserialization flaw in the library. CVE-2016-1000027 Pivotal Spring Framework is used as part of our Speech Service microservices...

9.8 CVSS | 9.6 AI score | 0.60417 EPSS
Exploits 4 | Affected Software 1

IBM Security Bulletins
added 2023/07/24 8:42 p.m. | 47 views

Security Bulletin: VMware Tanzu Spring Framework is vulnerable to CVE-2023-20860 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses VMware Tanzu Spring Framework which is vulnerable to CVE-2023-20860. IBM has addressed this vulnerability. Vulnerability Details CVEID:CVE-2023-20860 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote attacker to bypass...

7.5 CVSS | 7.3 AI score | 0.56284 EPSS
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2023/07/24 8:30 p.m. | 43 views

Security Bulletin: VMware Tanzu Spring Framework is vulnerable to CVE-2023-20861 and CVE-2023-20863 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses VMware Tanzu Spring Framework which is vulnerable to CVE-2023-20861 and CVE-2023-20863. Vulnerability Details CVEID:CVE-2023-20861 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service. By sending a specially...

6.5 CVSS | 7.1 AI score | 0.01066 EPSS
Exploits 1 | Affected Software 1

Tenable Nessus
added 2023/07/21 12:0 a.m. | 77 views

Oracle Business Intelligence Publisher (OBIEE) (July 2023 CPU)

The 5.9.0.0 and 6.4.0.0 versions of Oracle Business Intelligence Enterprise Edition installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory. - Vulnerability in the BI Publisher product of Oracle Analytics component: Security Apache CXF. Th...

9.8 CVSS | 6.6 AI score | 0.02136 EPSS
Exploits 7 | References 6

IBM Security Bulletins
added 2023/07/20 4:39 p.m. | 41 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to VMware Tanzu Spring Framework denial of service vulnerability [CVE-2023-20863]

Summary A potential VMware Tanzu Spring Framework denial of service vulnerability has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. CVE-2023-20863 Vulnerability Details...

6.5 CVSS | 6.7 AI score | 0.01066 EPSS
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2023/07/20 4:33 p.m. | 38 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in VMware Tanzu Spring Framework (CVE-2023-20863)

Summary A vulnerability in VMware Tanzu Spring Framework used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation. By sending a specially...

6.5 CVSS | 6.5 AI score | 0.01066 EPSS
Exploits 0 | Affected Software 1

BDU FSTEC
added 2023/07/19 12:0 a.m. | 1 views

The vulnerability of the Java framework for securing industrial applications using Spring Security stems from configuration errors related to authentication. These errors can occur when using multiple servlets, including the DispatcherServlet in Spring MVC. This vulnerability allows attackers to expose sensitive information and enhance their privileges.

The vulnerability of the Java framework for securing industrial applications using Spring Security is related to errors in authentication configuration. These errors can occur when using multiple servlets, including the DispatcherServlet in Spring MVC. Exploiting this vulnerability allows a...

10 CVSS | 0.4929 EPSS
Exploits 2 | References 4 | Affected Software 1

IBM Security Bulletins
added 2023/07/14 9:38 p.m. | 29 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to VMware Tanzu Spring Framework denial of service vulnerability [CVE-2023-20863]

Summary A potential VMware Tanzu Spring Framework denial of service vulnerability has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. CVE-2023-20863 Vulnerability Details...

6.5 CVSS | 6.7 AI score | 0.01066 EPSS
Exploits 0 | Affected Software 1

Spring Engineering
added 2023/07/13 12:0 a.m. | 11 views

A Bootiful Podcast: Spring Framework and Spring Boot legend Stéphane Nicoll on a Bootiful Podcast

Hi, Spring fans! Welcome to another installment of A Bootiful Podcast! In this installment, Josh Long talks to Spring team legend Stéphane Nicoll (@snicoll) about Spring Boot, Apache Maven and Gradle, his journey to the Spring team, and so much more. This episode was recorded live from beautiful...

6.8 AI score
Exploits 0

Spring Engineering
added 2023/07/13 12:0 a.m. | 29 views

New in Spring 6.1: RestClient

Spring Framework 6.1 M2 introduces the RestClient, a new synchronous HTTP client. As the name suggests, RestClient offers the fluent API of WebClient with the infrastructure of RestTemplate. Fourteen years ago, when RestTemplate was introduced in Spring Framework 3.0, we quickly discovered that...

7 AI score
Exploits 0

IBM Security Bulletins
added 2023/07/12 9:32 p.m. | 32 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in VMware Tanzu Spring Framework (CVE-2023-20863)

Summary Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in VMware Tanzu Spring Boot, caused by improper input validation CVE-2023-20863. VMware Tanzu Spring Framework is used as part of our Speech Service microservices. This...

6.5 CVSS | 6.4 AI score | 0.01066 EPSS
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2023/07/06 6:7 p.m. | 35 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to VMware Tanzu Spring Framework security bypass and denial of service vulnerabilities [CVE-2023-20860, CVE-2023-20861]

Summary Potential VMware Tanzu Spring Framework security bypass and denial of service vulnerabilities have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information. CVE-2023-20860,...

7.5 CVSS | 7.5 AI score | 0.56284 EPSS
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2023/07/03 7:55 p.m. | 32 views

Security Bulletin: Vulnerability in Spring Framework affects IBM Process Mining [CVE-2016-1000027]

Summary There is a vulnerability in Spring Framework that could allow a remote attacker to execute arbitrary code on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. CVE-2016-1000027 Vulnerability Details...

9.8 CVSS | 9.7 AI score | 0.60417 EPSS
Exploits 4 | Affected Software 1

IBM Security Bulletins
added 2023/06/30 1:49 p.m. | 33 views

Security Bulletin: IBM Watson Explorer is affected by vulnerabilities in Spring Framework

Summary IBM Watson Explorer contains a vulnerable version of Spring Framework. Vulnerability Details CVEID:CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted SpEL expression, a remote...

6.5 CVSS | 7.1 AI score | 0.01066 EPSS
Exploits 1 | Affected Software 1

RedHat Linux
added 2023/06/29 8:7 p.m. | 3 views

springframework: Spring Expression DoS Vulnerability

A flaw was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS)...

6.5 CVSS | 7.1 AI score | 0.00542 EPSS
Exploits 1 | References 5

RedHat Linux
added 2023/06/29 8:7 p.m. | 47 views

Critical: Red Hat Security Advisory: Red Hat Fuse 7.12 release and security update

A minor version update from 7.11 to 7.12 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring...

9.8 CVSS | 7.2 AI score | 0.56284 EPSS
Exploits 17 | References 32

RedHat Linux
added 2023/06/29 8:7 p.m. | 4 views

springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern

A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern...

7.5 CVSS | 7.1 AI score | 0.56284 EPSS
Exploits 1 | References 5