Lucene search
K

5 matches found

NVD
NVD
added 2026/06/10 12:16 a.m.13 views

CVE-2026-41697

Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher STARTING, ENDING, or CONTAINING in Query By Example QBE. An attacker can supply wildcard characters to perform boolean-based blind data inference. Affected versions: Spring Data...

4.8CVSS0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

VMware Spring Data Relational 安全漏洞

VMware Spring Data Relational is a relational database access framework developed by VMware, Inc. There is a security vulnerability in VMware Spring Data Relational, which stems from the improper escaping of external control inputs when using StringMatcher in Query By Example. Attackers can use...

4.8CVSS5.3AI score0.00227EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-48313

Name of the Vulnerable Software and Affected Versions Spring Data Relational/JDBC/R2DBC versions 4.0.0 through 4.0.5 Spring Data Relational/JDBC/R2DBC versions 3.5.0 through 3.5.11 Spring Data Relational/JDBC/R2DBC versions 3.4.0 through 3.4.14 Spring Data Relational/JDBC/R2DBC versions 3.3.0...

4.8CVSS5.8AI score0.00227EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:41 p.m.7 views

CVE-2026-46282

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual read/strcm...

5.5AI score0.00168EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2020/03/26 3:46 p.m.3 views

spring-data-api: potential information disclosure through maliciously crafted example value in ExampleMatcher

This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher using ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more results than anticipated when a maliciously crafted...

5.3CVSS5.7AI score0.01247EPSS
Exploits0References5
Rows per page
Query Builder