Lucene search
K

4 matches found

CVE
CVE
added 2026/03/20 3:27 a.m.17 views

CVE-2026-32939

DataEase (open-source data visualization tool) versions 2.10.19 and earlier suffer a locale-related input validation bug in JDBC URL handling. DataEase uses String.toUpperCase() without an explicit Locale, making its security checks depend on the JVM’s default locale, while H2 JDBC normalizes URL...

8.1CVSS5.8AI score0.00447EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/18 12:0 a.m.13 views

The vulnerability of the String.toUpperCase() function in Mozilla Firefox and the Thunderbird email client allows a hacker to execute arbitrary code.

The vulnerability of the String.toUpperCase function in Mozilla Firefox and the Thunderbird email client is related to access to an uninitialized pointer. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.5CVSS7.3AI score0.00446EPSS
Exploits0References18Affected Software5
OSV
OSV
added 2024/12/02 3:31 p.m.3 views

GHSA-Q3V6-HM2V-PW99 Spring Framework has Authorization Bypass for Case Sensitive Comparisons

The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly...

6.3CVSS5.9AI score0.00385EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/12/02 2:32 p.m.53 views

CVE-2024-38827 Spring Security Authorization Bypass for Case Sensitive Comparisons

The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly...

4.8CVSS0.00385EPSS
Exploits0References1
Rows per page
Query Builder