Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-3947

Malicious code in bioql PyPI...

7.8CVSS7.2AI score0.00253EPSS
Exploits0References17
F5 Networks
F5 Networksadded 2024/11/19 2:50 a.m.21 views

K000148606: Spring vulnerability CVE-2021-22119

Security Advisory Description Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service DoS attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. ...

7.5CVSS6.3AI score0.04895EPSS
Exploits0
OSV
OSVadded 2024/10/28 9:30 a.m.0 views

GHSA-C4Q5-6C82-3QPW Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications

Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances. For this to impact an application, all of the following must be true: It must be a WebFlux application It must be using Spring's static resources support It...

9.3CVSS5.9AI score0.1309EPSS
Exploits2References6
Cvelist
Cvelistadded 2024/10/28 7:6 a.m.47 views

CVE-2024-38821 Authorization Bypass of Static Resources in WebFlux Applications

Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances. For this to impact an application, all of the following must be true: It must be a WebFlux application It must be using Spring's static resources support It...

9.1CVSS0.1309EPSS
Exploits2References1
RedHat Linux
RedHat Linuxadded 2022/07/07 2:19 p.m.0 views

spring-security: Denial-of-Service (DoS) attack via initiation of Authorization Request

Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service DoS attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. A malicious user or attacker c...

7.5CVSS7.2AI score0.04895EPSS
Exploits0References4
CNVD
CNVDadded 2021/05/28 12:0 a.m.11 views

Vmware Spring Framework Elevation of Privilege Vulnerability

Vmware Spring Framework is the United States, Vmware Vmware company's set of open source Java, JavaEE application framework. The framework helps developers build high-quality applications . An elevation of privilege vulnerability exists in Vmware Spring Framework, which can be exploited by an...

7.8CVSS6.7AI score0.00253EPSS
Exploits0References1
CVE
CVEadded 2021/05/27 2:48 p.m.273 views

CVE-2021-22118

CVE-2021-22118 affects the Spring Framework WebFlux component. The vulnerability exists in Spring Framework versions: 5.2.x prior to 5.2.15 and 5.3.x prior to 5.3.7. An authenticated local attacker can exploit a flaw tied to (re)creating the temporary storage directory to read or modify files upl...

7.8CVSS7.5AI score0.00253EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder