Posts of last 24 hours

CVE-2022-39184 | EXFO BV-10 Performance Endpoint Unit improper authentication (EUVD-2022-41729)
A vulnerability classified as critical was found in EXFO BV-10 Performance Endpoint Unit. Affected is an unknown function. Such manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2022-39184. The attack can be launched remotely. No exploit exists.
https://vuldb.com/vuln/218163
CVE-2022-39177 | BlueZ up to 5.58 profiles/audio/avdtp.c denial of service (USN-5481-1 / EUVD-2022-41722)
A vulnerability was found in BlueZ up to 5.58. It has been declared as problematic. This impacts an unknown function of the file profiles/audio/avdtp.c. Executing a manipulation can lead to denial of service. This vulnerability is handled as CVE-2022-39177. The physical device can be targeted for the attack. There is not any exploit available. It is recommended to upgrade the affected component.
https://vuldb.com/vuln/207767
CVE-2022-39182 | HC Mingham-Smith Tardis 2000 1.6 privileges management (EUVD-2022-41727)
A vulnerability marked as critical has been reported in HC Mingham-Smith Tardis 2000 1.6. The impacted element is an unknown function. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2022-39182. Access to the local network is required for this attack to succeed. There is no exploit available.
https://vuldb.com/vuln/218160
CVE-2022-39183 | SAML Auth Plugin on Moodle redirect (EUVD-2022-41728 / Nessus ID 260723)
A vulnerability was found in SAML Auth Plugin on Moodle and classified as problematic. This vulnerability affects unknown code. The manipulation results in open redirect. This vulnerability is identified as CVE-2022-39183. The attack can be executed remotely. There is not any exploit available.
https://vuldb.com/vuln/218167
CVE-2022-39176 | BlueZ up to 5.58 profiles/audio/avrcp.c params_len information disclosure (USN-5481-1 / EUVD-2022-41721)
A vulnerability was found in BlueZ up to 5.58. It has been classified as problematic. This affects the function params_len of the file profiles/audio/avrcp.c. Performing a manipulation results in information disclosure. This vulnerability is known as CVE-2022-39176. The attack may be carried out on the physical device. No exploit is available. Upgrading the affected component is recommended.
https://vuldb.com/vuln/207766
CVE-2026-41841 | Vmware Spring Framework up to 5.3.48/6.1.27/6.2.18/7.0.7 Static Resource Cache/WebFlux cache containing sensitive information (EUVD-2026-35328)
A vulnerability identified as problematic has been detected in Vmware Spring Framework up to 5.3.48/6.1.27/6.2.18/7.0.7. Impacted is an unknown function of the component Static Resource Cache/WebFlux. This manipulation causes use of cache containing sensitive information. This vulnerability is registered as CVE-2026-41841. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.
https://vuldb.com/vuln/369386
CVE-2026-41842 | Vmware Spring Framework up to 5.3.48/6.1.27/6.2.18/7.0.7 resource consumption (EUVD-2026-35330)
A vulnerability, which was classified as problematic, was found in Vmware Spring Framework up to 5.3.48/6.1.27/6.2.18/7.0.7. Affected by this issue is some unknown functionality. Such manipulation leads to resource consumption. This vulnerability is uniquely identified as CVE-2026-41842. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.
https://vuldb.com/vuln/369393
CVE-2026-41843 | Vmware Spring Framework up to 5.3.48/6.1.27/6.2.18/7.0.7 Versioned Static Resource path traversal (EUVD-2026-35331)
A vulnerability has been found in Vmware Spring Framework up to 5.3.48/6.1.27/6.2.18/7.0.7 and classified as critical. This affects an unknown part of the component Versioned Static Resource Handler. Performing a manipulation results in path traversal. This vulnerability was named CVE-2026-41843. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.
https://vuldb.com/vuln/369394
CVE-2026-41006 | Vmware Spring HATEOAS up to 3.0.3 Collection+JSON/UBER access control (EUVD-2026-35345)
A vulnerability was found in Vmware Spring HATEOAS up to 1.5.6/2.3.4/2.4.1/2.5.2/3.0.3. It has been rated as critical. The affected element is an unknown function of the component Collection+JSON/UBER. This manipulation causes improper access controls. This vulnerability is tracked as CVE-2026-41006. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.
https://vuldb.com/vuln/369398
CVE-2026-41007 | Vmware Spring HATEOAS up to 3.0.3 StringLinkRelation allocation of resources (EUVD-2026-35346)
A vulnerability categorized as problematic has been discovered in Vmware Spring HATEOAS up to 1.5.6/2.3.4/2.4.1/2.5.2/3.0.3. The impacted element is an unknown function of the component StringLinkRelation Handler. Such manipulation leads to allocation of resources. This vulnerability is listed as CVE-2026-41007. The attack may be performed from remote. There is no available exploit. It is advisable to upgrade the affected component.
https://vuldb.com/vuln/369399

Managed ad