CVE-2016-9843
- EPSS 15.07%
- Veröffentlicht 23.05.2017 04:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2017-5645
- EPSS 94.01%
- Veröffentlicht 17.04.2017 21:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
CVE-2016-7103
- EPSS 1.4%
- Veröffentlicht 15.03.2017 16:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
CVE-2010-5312
- EPSS 5.93%
- Veröffentlicht 24.11.2014 16:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.
- EPSS 1.32%
- Veröffentlicht 30.04.2007 23:19:00
- Zuletzt bearbeitet 23.04.2026 00:35:47
The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIP...