CVE-2020-2583
- EPSS 0.47%
- Veröffentlicht 15.01.2020 17:15:19
- Zuletzt bearbeitet 21.11.2024 05:25:37
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows...
CVE-2019-13118
- EPSS 1.03%
- Veröffentlicht 01.07.2019 02:15:09
- Zuletzt bearbeitet 21.11.2024 04:24:13
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
CVE-2019-0222
- EPSS 10.46%
- Veröffentlicht 28.03.2019 22:29:00
- Zuletzt bearbeitet 21.11.2024 04:16:31
In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.
CVE-2019-7317
- EPSS 0.57%
- Veröffentlicht 04.02.2019 08:29:00
- Zuletzt bearbeitet 21.11.2024 04:48:00
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2017-7658
- EPSS 11.35%
- Veröffentlicht 26.06.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:32:23
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a...
CVE-2017-7657
- EPSS 7.64%
- Veröffentlicht 26.06.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:32:23
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow...
CVE-2018-2826
- EPSS 2.92%
- Veröffentlicht 19.04.2018 02:29:05
- Zuletzt bearbeitet 06.05.2025 15:15:56
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols t...
CVE-2018-2825
- EPSS 1.13%
- Veröffentlicht 19.04.2018 02:29:05
- Zuletzt bearbeitet 06.05.2025 15:15:56
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols t...
CVE-2018-2638
- EPSS 0.75%
- Veröffentlicht 18.01.2018 02:29:20
- Zuletzt bearbeitet 21.11.2024 04:04:07
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
CVE-2018-2627
- EPSS 0.51%
- Veröffentlicht 18.01.2018 02:29:20
- Zuletzt bearbeitet 06.05.2025 15:15:55
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure ...