In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.
RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability affecting F-Secure SAFE browser was discovered. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.