Where
-Infinity
0

Trending

Last week
Last month
Last year

Spring FrameworkThe Spring Framework annotation detection mechanism may not correctly resolve annotations on methods…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2395725

maven/org.springframework.boot:spring-bootSpring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed

Risk 51
Severity
7.3
First published (updated )
CVE-2025-22235

maven/org.springframework.security:spring-security-coreMissing Authorization When Using @AuthorizeReturnObject

Risk 45
Severity
7.5
First published (updated )
CVE-2024-38810

VMware Spring SecurityThe spring-security.xsd file inside the spring-security-config jar is world writable which means tha…

Risk 33
Severity
5.5
First published (updated )
CVE-2023-34042

maven/org.springframework.security:spring-security-configVMware Tanzu Spring Security could allow a remote attacker to bypass security restrictions, caused b…

Risk 53
Severity
7.3
First published (updated )
CVE-2023-34035
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat/Spring SecurityVMware Tanzu Spring Security could allow a remote attacker to gain elevated privileges on the system…

Risk 78
Severity
8.1
First published (updated )
CVE-2022-31690

redhat/spring securityA flaw was found in the spring-security framework. Spring Security could allow a remote attacker to …

Risk 88
Severity
9.8
First published (updated )
CVE-2022-31692

VMware Spring SecurityInteger Overflow

Risk 29
Severity
5.3
First published (updated )
CVE-2022-22976

redhat/spring-securityA flaw was found in Spring Security. When using RegexRequestMatcher, an easy misconfiguration can by…

Risk 91
Severity
9.8
First published (updated )
CVE-2022-22978

Pivotal Software Spring SecuritySpring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, an…

Risk 78
Severity
9
First published (updated )
CVE-2021-22112
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

VMware Spring SecurityDictionary attack with Spring Security queryable text encryptor

Risk 38
Severity
6.5
First published (updated )
CVE-2020-5408

VMware Spring SecurityInsecure Randomness When Using a SecureRandom Instance Constructed by Spring Security

Risk 47
Severity
6.5
First published (updated )
CVE-2019-3795

VMware Spring SecurityPivotal Spring Security could allow a remote attacker to execute arbitrary code on the system, cause…

Risk 90
Severity
9.8
First published (updated )
CVE-2017-4995

VMware Spring SecurityThe ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not c…

Risk 52
Severity
7.5
First published (updated )
CVE-2014-0097

VMware Spring SecurityWhen using the CAS Proxy ticket authentication from Spring Security 3.1 to 3.2.4 a malicious CAS Ser…

Risk 89
Severity
9.8
First published (updated )
CVE-2014-3527
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

VMware Spring FrameworkBoth Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on…

Risk 45
Severity
7.5
First published (updated )
CVE-2016-5007

maven/org.springframework.security:spring-security-coreSpring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, a…

Risk 49
Severity
6.8
First published (updated )
CVE-2011-2894

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203