CVE-2016-9843
- EPSS 9.18%
- Veröffentlicht 23.05.2017 04:29:01
- Zuletzt bearbeitet 20.04.2025 01:37:25
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2017-5645
- EPSS 94.01%
- Veröffentlicht 17.04.2017 21:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
CVE-2016-7103
- EPSS 1.38%
- Veröffentlicht 15.03.2017 16:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
CVE-2010-5312
- EPSS 3.66%
- Veröffentlicht 24.11.2014 16:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.
- EPSS 1.09%
- Veröffentlicht 30.04.2007 23:19:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIP...