Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
springsource vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2009-2899
The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ prior to 4.3 allows local users to obtain the database password by listing the process and its arguments.
Vmware Hyperic Hq
5
CVSSv2
CVE-2011-0527
VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x prior to 2.0.6.RELEASE and 2.1.x prior to 2.1.2.RELEASE accepts obfuscated passwords during JMX authentication, which makes it easier for context-dependent malicious users to obtain access by leveraging an ability to rea...
Vmware Tc Server 2.0.4
Vmware Tc Server 2.0.5
Vmware Tc Server 2.0.1
Vmware Tc Server 2.0.2
Vmware Tc Server 2.1.1
Vmware Tc Server 2.0.3
Vmware Tc Server 2.0.0
Vmware Tc Server 2.1.0
6.8
CVSSv2
CVE-2010-1454
com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMware SpringSource tc Server Runtime 6.0.19 and 6.0.20 prior to 6.0.20.D, and 6.0.25.A prior to 6.0.25.A-SR01, does not properly enforce the requirement for an encrypted (aka s2enc) password, which allows remote m...
Vmware Tc Server 6.0.25.a
Vmware Tc Server 6.0.20.a
Vmware Tc Server 6.0.19.a
Vmware Tc Server 6.0.20
Vmware Tc Server 6.0.20.b
Vmware Tc Server 6.0.20.c
Vmware Tc Server 6.0.19
5
CVSSv2
CVE-2009-1190
Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit (JDK) prior to 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 up to and including 2.5.6 and 3.0.0.M1 up to and including 3.0.0.M2 and dm Server 1....
Sun Jdk 1.3.1 11
Sun Jdk 1.3.1 12
Sun Jdk 1.3.1 13
Sun Jdk 1.3.1 06
Sun Jdk 1.3.1 05
Sun Jdk 1.3.0 05
Sun Jdk 1.3.0 04
Sun Jdk 1.3.1 14
Sun Jdk 1.3.0 01
Sun Jdk 1.3.1 04
Sun Jdk 1.3.1 03
Sun Jdk 1.3.0 03
Sun Jdk 1.3.0 02
Sun Jdk 1.1.8
Sun Jdk 1.2.2
Sun Jdk 1.2.1
Sun Jdk 1.3.1 24
Sun Jdk 1.3.1 23
Sun Jdk 1.3.1 21
Sun Jdk 1.3.1 28
Sun Jdk 1.4.2 14
Sun Jdk 1.4.2 13
5
CVSSv2
CVE-2010-3700
VMware SpringSource Spring Security 2.x prior to 2.0.6 and 3.x prior to 3.0.4, and Acegi Security 1.0.0 up to and including 1.0.7, as used in IBM WebSphere Application Server (WAS) 6.1 and 7.0, allows remote malicious users to bypass security constraints via a path parameter.
Vmware Springsource Spring Security 2.0.4
Vmware Springsource Spring Security 2.0.3
Acegisecurity Acegi-security 1.0.4
Acegisecurity Acegi-security 1.0.5
Vmware Springsource Spring Security 2.0.0
Vmware Springsource Spring Security 2.0.5
Acegisecurity Acegi-security 1.0.2
Acegisecurity Acegi-security 1.0.3
Vmware Springsource Spring Security 3.0.0
Vmware Springsource Spring Security 3.0.1
Vmware Springsource Spring Security 2.0.2
Vmware Springsource Spring Security 2.0.1
Acegisecurity Acegi-security 1.0.6
Acegisecurity Acegi-security 1.0.7
Vmware Springsource Spring Security 3.0.2
Vmware Springsource Spring Security 3.0.3
Acegisecurity Acegi-security 1.0.0
Acegisecurity Acegi-security 1.0.1
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 6.1
5
CVSSv2
CVE-2010-3863
Apache Shiro prior to 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote malicious users to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp ...
Apache Shiro
Jsecurity Jsecurity 0.9.0
1 EDB exploit
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2