Spring 漏洞列表
共找到 174 个与 Spring 相关的漏洞
📅 加载漏洞趋势中...
- 2025-09-24Spring Cloud Gateway 信息泄露漏洞(CVE-2025-41243)
- 2025-09-24Spring Cloud Gateway环境属性修改漏洞 (CVE-2025-41243)
- 2025-09-01CVE-2019-3799: Spring Cloud Config Server Directory Traversal
- 2025-09-01springboot-actuator-unauth: Springboot Actuator Unauth
- 2025-09-01springblade-export-user-sqli: SpringBlade 框架后台 export-user 路径 SQL 注入漏洞
- POC 2025-08-01spring4shell-CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+
- POC 2025-08-01CVE-2016-4977: Spring Security OAuth2 Remote Command Execution
- POC 2025-08-01CVE-2017-8046: Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution
- POC 2025-08-01CVE-2018-1271: Spring MVC Framework - Local File Inclusion
- POC 2025-08-01CVE-2018-1273: Spring Data Commons - Remote Code Execution
- POC 2025-08-01CVE-2019-3799: Spring Cloud Config Server - Local File Inclusion
- POC 2025-08-01CVE-2020-5405: Spring Cloud Config - Local File Inclusion
- POC 2025-08-01CVE-2020-5410: Spring Cloud Config Server - Local File Inclusion
- POC 2025-08-01CVE-2020-5412: Spring Cloud Netflix - Server-Side Request Forgery
- POC 2025-08-01CVE-2021-21234: Spring Boot Actuator Logview Directory Traversal
- POC 2025-08-01CVE-2021-22053: Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution
- POC 2025-08-01CVE-2021-44910: SpringBlade - Information Leakage
- POC 2025-08-01CVE-2022-22947: Spring Cloud Gateway Code Injection
- POC 2025-08-01CVE-2022-22963: Spring Cloud - Remote Code Execution
- POC 2025-08-01CVE-2022-22965: Spring - Remote Code Execution
- POC 2025-08-01CVE-2022-32430: Lin CMS Spring Boot - Default JWT Token
- POC 2025-08-01CVE-2025-46822: Java-springboot-codebase 1.1 - Arbitrary File Read
- POC 2025-08-01CVE-2016-4977: Spring Security OAuth2 Remote Command Execution
- POC 2025-08-01CVE-2017-8046: Spring Data Rest RCE
- POC 2025-08-01CVE-2018-1273: Spring Data Commons - Remote Code Execution
- POC 2025-08-01CVE-2020-5405: Spring Cloud Directory Traversal
- POC 2025-08-01CVE-2020-5410: Spring Cloud Config Server Directory Traversal
- POC 2025-08-01CVE-2021-21234: Spring Boot Actuator Logview Directory Traversal
- POC 2025-08-01CVE-2021-44910: SpringBlade 框架默认 SIGN_KRY 秘钥漏洞
- POC 2025-08-01CVE-2022-22947: Spring Cloud Gateway Code Injection
- POC 2025-08-01CVE-2022-22963: Spring Cloud Function SPEL 远程命令执行漏洞
- POC 2025-08-01CVE-2022-22965: Spring - Remote Code Execution
- POC 2025-08-01e-cology-springframework-directory-traversal: 泛微OA e-cology springframework 目录遍历
- POC 2025-08-01jeespringcloud-uploadfile-fileupload: JeeSpringCloud uploadFile.jsp 任意文件上传
- POC 2025-08-01spring-expression-oob: Spring Expression Language - Out of Band Template Injection
- POC 2025-08-01springboot-admin-unauth: Spring boot Admin unauth
- POC 2025-08-01springboot-h2-db-rce: Spring Boot H2 Database RCE
- POC 2025-08-01spring-framework-exceptions: Spring Framework Exceptions
- POC 2025-08-01exposed-alps-spring: Exposed Spring Data REST Application-Level Profile Semantics (ALPS)
- POC 2025-08-01hikvision-env: Hikvision Springboot Env Actuator - Detect
- POC 2025-08-01spring-eureka: Spring Eureka Exposure
- POC 2025-08-01springboot-autoconfig: Detect Springboot autoconfig Actuator
- POC 2025-08-01springboot-beans: Detect Springboot Beans Actuator
- POC 2025-08-01springboot-caches: Springboot Actuator Caches
- POC 2025-08-01springboot-conditions: Detect Springboot Conditions Actuator
- POC 2025-08-01springboot-configprops: Detect Springboot Configprops Actuator
- POC 2025-08-01springboot-dump: Detect Springboot Dump Actuator
- POC 2025-08-01springboot-env: Springboot Env Actuator - Detect
- POC 2025-08-01springboot-features: Detects Springboot Features Actuator
- POC 2025-08-01springboot-flyway: Springboot Flyway API
- POC 2025-08-01springboot-gateway: Detect Spring Gateway Actuator
- POC 2025-08-01springboot-heapdump: Spring Boot Actuator - Heap Dump Detection
- POC 2025-08-01springboot-httptrace: Detect Springboot httptrace
- POC 2025-08-01springboot-integrationgraph: Springboot Actuator integrationgraph
- POC 2025-08-01springboot-jolokia: Detects Springboot Jolokia Actuator
- POC 2025-08-01springboot-liquidbase: Springboot Liquidbase API
- POC 2025-08-01springboot-logfile: Detects Springboot Logfile Actuator
- POC 2025-08-01springboot-loggers: Springboot Loggers - Exposure
- POC 2025-08-01springboot-mappings: Detect Springboot Mappings Actuator
- POC 2025-08-01springboot-metrics: Springboot Actuator Metrics - Exposure
- POC 2025-08-01springboot-startup: Springboot Actuator startup
- POC 2025-08-01springboot-threaddump: Detect Springboot Thread Dump page
- POC 2025-08-01springboot-trace: Detect Springboot Trace Actuator
- POC 2025-08-01springboot-actuators-jolokia-xxe: Spring Boot Actuators (Jolokia) XXE
- POC 2025-08-01springboot-h2-db-rce: Spring Boot H2 Database - Remote Command Execution
- POC 2025-08-01springboot-log4j-rce: Spring Boot - Remote Code Execution (Apache Log4j)
- POC 2025-08-01ecology-springframework-directory-traversal: Ecology Springframework - Local File Inclusion
- POC 2025-08-01CVE-2025-41243: Spring Cloud Gateway Server Webflux - Broken Access Control
- POC 2025-08-01springblade-detect: SpringBlade 框架
- 2025-06-30X-SpringBoot 路径遍历漏洞
- 2025-05-29spring eureka 存在未授权访问漏洞
- 2025-04-01SpringBlade /api/blade-resource/oss/list 信息泄露漏洞
- 2025-03-21SpringBlade /api/blade-develop/datasource/list 信息泄露漏洞
- 2024-12-18Spring Framework 特定条件下目录遍历漏洞
- 2024-12-09SpringBootCms 远程代码执行漏洞
- 2024-12-06Spring Cloud Data Flow 任意文件写入漏洞(CVE-2024-22263)
- 2024-11-20Spring Security 身份验证缺陷漏洞
- 2024-11-20VMware Spring Framework 安全缺陷漏洞 可致拒绝服务
- 2024-10-31Vmware Spring Security 访问控制不当漏洞
- 2024-10-28Spring-Framework代码执行漏洞(CVE-2016-1000027)
- 2024-10-18Spring Framework 输入验证不当漏洞
- 2024-10-18Spring Framework 路径遍历漏洞
- 2024-09-20Spring Cloud Data Flow 反序列化漏洞 可导致代码执行
- 2024-09-13Spring Framework 路径遍历漏洞
- 2024-08-19Vmware SpringFramework SPEL表达式 拒绝服务漏洞
- 2024-08-19Vmware SpringFramework 拒绝服务漏洞
- 2024-08-19Spring Boot actuator heapdump存在未授权漏洞
- 2024-08-12Pivotal Spring Framework CVE-2014-3625 目录遍历漏洞
- 2024-08-09SpringBlade dusual/list接口SQL注入
- 2024-08-09SpringBlade code/list SQL注入漏洞
- 2024-08-07SpringBlade usual/list SQL 注入漏洞
- 2024-08-07SpringBlade notice/list SQL 注入漏洞
- 2024-08-06SpringBlade notice list SQL注入漏洞
- 2024-08-02Spring Cloud Function SPEL functionRouter 接口远程命令执行漏洞(CVE-2022-22963)
- 2024-08-02SpringBlade /api/blade-log/usual/list SQL注入漏洞
- 2024-08-01SpringBlade menu SQL 注入漏洞
- 2024-08-01Jeect-boot FreeMarker 远程代码执行漏洞
- 2024-07-27Spring Cloud Data Flow 远程代码执行漏洞
- 2024-07-25SpringBlade export-user SQL注入漏洞
- 2024-07-18Spring Security 认证绕过漏洞
- 2024-07-12SpringBlade /api/blade-desk/notice/list SQL注入漏洞
- 2024-07-11SpringBlade /api/blade-system/menu/menu-list SQL注入漏洞
- 2024-07-02SpringBoot jolokia logback 任意代码执行漏洞
- 2024-06-14Spring Cloud Data Flow 任意文件上传漏洞
- 2024-06-07SpringBlade /api/blade-system/tenant/list SQL 注入漏洞
- 2024-06-03SpringBlade框架JWT认证缺陷漏洞(CVE-2021-44910)
- 2024-05-31SpringBlade /api/blade-log/api/list SQL注入漏洞
- 2024-05-31Spring Cloud Config CVE-2020-5410 目录遍历漏洞
- 2024-05-29SpringBlade tenant/list 存在sql注入漏洞
- 2024-05-17Spring Framework spring-messaging 模块代码执行漏洞
- 2024-05-17Spring Framework spring-messaging 模块代码执行漏洞
- 2024-04-19SpringBlade actuator 未授权访问漏洞
- 2024-04-11Spring Cloud Config Server 路径穿越导致文件读取漏洞(CVE-2020-5405)
- 2024-03-21SpringBlade框架 /api/blade-log/error/list 未授权访问漏洞
- 2024-03-16Spring Framework URL Host解析错误漏洞
- 2024-03-14SpringBlade JWT硬编码漏洞
- 2024-03-11SpringBlade error/list SQL注入漏洞
- 2024-03-06SpringBlade /api/blade-log/error/list 存在SQL注入漏洞
- 2024-02-27SpringBlade /api/blade-log/error/list 未授权漏洞
- 2024-02-27Spring Framework URL Host解析错误漏洞
- 2024-02-22Spring Cloud Function SPEL 表达式注入漏洞
- 2024-02-22Spring Cloud Gateway CVE-2022-22947远程代码执行漏洞
- 2024-02-22SpringSource Spring Framework远程代码执行漏洞
- 2024-02-22SpringSource Spring Framework远程代码执行漏洞
- 2024-02-22SpringSource Spring Framework远程代码执行漏洞
- 2024-02-22Spring Cloud Function CVE-2022-22979 拒绝服务漏洞
- 2024-02-22Spring Framework 拒绝服务漏洞
- 2024-02-21VMware Spring Security 权限绕过漏洞
- 2024-02-07Spring Kafka CVE-2023-34040 不安全的反序列化漏洞
- 2023-12-22Pivotal Software Spring Framework 目录遍历漏洞
- 2023-12-21SpringBoot spring.main.sources 属性存在远程命令执行
- 2023-12-21SpringBoot logging.config 属性存在远程命令执行
- 2023-12-21SpringBoot h2 database 远程命令执行
- 2023-12-19SpringBlade export-user 存在 SQL注入漏洞
- 2023-11-27SpringBoot Actuator heapdump 端点敏感信息泄露
- 2023-11-27SpringBoot Actuator shutdown 端点未授权访问
- 2023-11-27SpringBoot Actuator Jolokia 端点未授权访问
- 2023-10-17JeeSpringCloud uploadFile.jsp 文件上传
- 2023-10-16JeeSpringCloud文件上传
- 2023-10-12JeeSpringCloud uploadFile.jsp 文件上传漏洞
- 2023-08-30SpringBlade SQL注入漏洞
- 2023-08-01SpringBoot Actuator Jolokia 远程代码执行漏洞
- 2023-07-17SpringBlade框架 JWT认证缺陷漏洞
- 2023-06-13SpringBoot Devtool 默认key 远程代码执行漏洞
- 2023-06-12SpringBoot Actuator SnakeYAML 远程命令执行
- 2023-06-12SpringBlade 框架 默认 SIGN_KRY 秘钥漏洞
- 2023-06-12SpringBlade 框架后台 export-user 路径 SQL 注入漏洞
- 2022-05-09SpringBlade SQL注入漏洞
- 2022-04-13SpringBeans变量覆盖导致任意文件上传漏洞 状态码版(CVE-2022-22965))
- 2022-04-13SpringBeans变量覆盖导致任意文件上传漏洞复杂模式(CVE-2022-22965)
- 2022-04-06Spring Cloud Function SpEL表达式命令注入(CVE-2022-22963)
- 2022-03-31SpringBeans变量覆盖导致任意文件上传漏洞(CVE-2022-22965)
- 2022-03-29Spring Framework JDK >= 9 远程代码执行漏洞
- 2022-03-03Spring Cloud Gateway 远程代码执行漏洞(CVE-2022-22947)
- 2022-03-02Spring Cloud Gateway 远程代码执行漏洞(CVE-2022-22947)
- 2021-10-25Spring Boot 目录遍历(CVE-2021-21234)
- 2021-09-13Spring Data Rest 远程命令执行漏洞(CVE-2017-8046)
- 2021-08-03Spring Boot Admin管理控制台未授权访问
- 2021-07-21Spring Security OAuth2 远程命令执行漏洞(CVE-2016-4977)
- 2021-05-26Spring Boot env未授权访问
- 2021-03-15SpringBoot Actuator env 端点敏感信息泄露
- 2021-01-19CVE-2018-1273 Spring Data Commons 远程命令执行
- 2021-01-19SpringBoot druid数据库监控index.html-未授权访问
- 2021-01-19Spring Boot框架env接口-敏感信息泄露
- 2021-01-06Lukashinsch Spring Boot Actuator Logview 路径遍历漏洞
- 2020-07-31SpringBlade SQL注入漏洞
- 2020-06-02(CVE-2020-5410) Spring Cloud Config 目录遍历漏洞
- 2018-04-11Spring Data Commons 远程代码执行漏洞
- 2018-04-07 Spring Framework 目录穿越漏洞(CVE-2018-1271)
- 2018-04-06Pivotal Spring Framework 路径遍历漏洞
- 2018-01-04Pivotal Spring Data REST远程代码执行漏洞
- 2018-01-04Pivotal Spring Data REST 多版本 远程代码执行漏洞(CVE-2017-8046)
- 2017-06-13Pivotal Spring Web Flow远程代码执行漏洞
- 2017-05-26Spring Security OAuth SpEL注入漏洞(CVE-2016-4977)