📦 Communications Cloud Native Core Network Repository Function

This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable versions of Spring Cloud Function. Attackers can craft malicious SpEL expressions in routing function...

CVE-2022-22947 is a critical remote code execution vulnerability in Spring Cloud Gateway when the Actuator endpoint is enabled and exposed without proper security controls. Attackers can send speciall...

CVE-2021-43527 is a critical heap overflow vulnerability in NSS (Network Security Services) that allows remote code execution when processing malicious DER-encoded DSA or RSA-PSS signatures. It affect...

CVE-2020-36518 is a denial-of-service vulnerability in Jackson Databind where processing deeply nested JSON objects causes a Java StackOverflowError, crashing the application. This affects any Java ap...

CVE-2022-23308 is a use-after-free vulnerability in libxml2's validation component that allows attackers to potentially execute arbitrary code or cause denial of service. It affects applications that ...

This vulnerability in protobuf-java allows attackers to craft malicious Protocol Buffer messages that cause excessive CPU consumption through parser inefficiencies. It affects any Java application usi...

CVE-2021-22901 is a use-after-free vulnerability in curl/libcurl that allows a malicious TLS 1.3 server to potentially execute arbitrary code on the client. This affects curl clients using OpenSSL wit...

This vulnerability in Libgcrypt allows side-channel attacks against ElGamal encryption due to missing exponent blinding and inappropriate window size selection. Attackers can potentially recover priva...

This vulnerability in Google Guava's createTempDir() method creates temporary directories with world-readable permissions on Unix-like systems, allowing any user on the same machine to potentially rea...