Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spring cloud config vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-20859
In Spring Vault, versions 3.0.x before 3.0.2 and versions 2.3.x before 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token.
Vmware Spring Vault
Vmware Spring Cloud Vault 4.0.0
Vmware Spring Cloud Config
Vmware Spring Cloud Vault
4.3
CVSSv2
CVE-2020-5405
Spring Cloud Config, versions 2.2.x before 2.2.2, versions 2.1.x before 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a special...
Vmware Spring Cloud Config
1 Github repository
5
CVSSv2
CVE-2020-5410
Spring Cloud Config, versions 2.2.x before 2.2.3, versions 2.1.x before 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a special...
Vmware Spring Cloud Config
5 Github repositories
4.3
CVSSv2
CVE-2019-3799
Spring Cloud Config, versions 2.1.x before 2.1.2, versions 2.0.x before 2.0.4, and versions 1.4.x before 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, c...
Vmware Spring Cloud Config
Oracle Communications Cloud Native Core Policy 1.15.0
1 EDB exploit
2 Github repositories
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1147 Github repositories
28 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started