New Alerts for Spring, PowerDNS, VMware, Sungrow, Netgate, and IBM.
Spring
Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. CVSSv3 score of 9.1
More info.
A remote attacker can cause a DoS via a crafted TCP connection. CVSSv3 score of 7.5
More info.
Multiple vulnerabilities in VMware Cloud Foundation were privately reported to VMware. Highest CVSSv3 score of 8.2
More info.
Old versions of Sungrow Logger1000A/B products do not have a function to enforce default password changes for users, and users have not taken the initiative to modify the default password, allowing remote attackers to gain access to sensitive device information. CVSSv3 score of 3.7
More info.
Netgate has published 7 bulletins for pfSense.
More info.
IBM has published Critical security bulletins for Integrated Analytics System, Maximo AI Service, and TSSC/IMC.
More info.
