| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-29567 | Possible information disclosure inside TreeGrid component with default data provider | Vaadin | vaadin | Medium | 5.7 | 2022-05-24 14:20:19 | Deep Dive |
| CVE-2022-1269 | Fast Flow < 1.2.12 - Reflected Cross-Site Scripting | Unknown | Fast Flow | 中危 | - | 2022-05-02 16:05:53 | Deep Dive |
| CVE-2022-28775 | Samsung Flow 安全漏洞 | Samsung Mobile | Samsung Flow | Medium | 5.1 | 2022-04-11 19:37:42 | Deep Dive |
| CVE-2022-28543 | Samsung Flow 路径遍历漏洞 | Samsung Mobile | Samsung Flow | Medium | 4.0 | 2022-04-11 19:37:36 | Deep Dive |
| CVE-2021-44050 | Broadcom CA Network Flow Analysis SQL注入漏洞 | - | CA Network Flow Analysis (NFA) | 中危 | - | 2021-12-02 18:18:41 | Deep Dive |
| CVE-2021-25509 | Samsung Flow 输入验证错误漏洞 | Samsung Mobile | Samsung Flow | Medium | 5.9 | 2021-11-05 02:04:17 | Deep Dive |
| CVE-2021-25507 | SAMSUNG Flow 安全漏洞 | Samsung Mobile | Samsung Flow | Medium | 5.7 | 2021-11-05 02:04:03 | Deep Dive |
| CVE-2021-33605 | Unauthorized property update in CheckboxGroup component in Vaadin 12-14 and 15-20 | Vaadin | Vaadin | Medium | 4.3 | 2021-08-25 12:12:42 | Deep Dive |
| CVE-2021-31412 | Possible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19 | Vaadin | Vaadin | Medium | 5.3 | 2021-06-24 11:33:11 | Deep Dive |
| CVE-2021-33604 | Reflected cross-site scripting in development mode handler in Vaadin 14, 15-19 | Vaadin | Vaadin | Low | 2.5 | 2021-06-24 11:16:27 | Deep Dive |
| CVE-2021-31411 | Insecure temporary directory usage in frontend build functionality of Vaadin 14 and 15-19 | Vaadin | Vaadin | Medium | 6.3 | 2021-05-05 18:15:13 | Deep Dive |
| CVE-2021-31408 | Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19 | Vaadin | Vaadin | Medium | 6.3 | 2021-04-23 16:07:17 | Deep Dive |
| CVE-2021-31406 | Timing side channel vulnerability in endpoint request handler in Vaadin 15-19 | Vaadin | Vaadin | Medium | 4.0 | 2021-04-23 16:05:41 | Deep Dive |
| CVE-2020-36321 | Directory traversal in development mode handler in Vaadin 14 and 15-17 | Vaadin | Vaadin | Medium | 5.9 | 2021-04-23 16:05:41 | Deep Dive |
| CVE-2020-36319 | Potential sensitive data exposure in applications using Vaadin 15 | Vaadin | Vaadin | Low | 3.1 | 2021-04-23 16:05:41 | Deep Dive |
| CVE-2021-31404 | Timing side channel vulnerability in UIDL request handler in Vaadin 10, 11-14, and 15-18 | Vaadin | Vaadin | Medium | 4.0 | 2021-04-23 16:05:41 | Deep Dive |
| CVE-2021-31407 | Server classes and resources exposure in OSGi applications using Vaadin 12-14 and 19 | Vaadin | Vaadin | High | 8.6 | 2021-04-23 16:05:41 | Deep Dive |
| CVE-2021-31405 | Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17 | Vaadin | Vaadin | High | 7.5 | 2021-04-23 16:05:41 | Deep Dive |
| CVE-2019-25027 | Reflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13 | Vaadin | Vaadin | Medium | 6.1 | 2021-04-23 16:05:40 | Deep Dive |
| CVE-2018-25007 | Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11 | Vaadin | Vaadin | Low | 2.6 | 2021-04-23 16:05:40 | Deep Dive |