CVE-2026-35293
- EPSS 0.48%
- Veröffentlicht 16.06.2026 19:27:02
- Zuletzt bearbeitet 16.06.2026 19:27:02
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access...
CVE-2024-20908
- EPSS 0.33%
- Veröffentlicht 16.01.2024 22:15:38
- Zuletzt bearbeitet 21.11.2024 08:53:24
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
CVE-2021-45105
- EPSS 100%
- Veröffentlicht 18.12.2021 12:15:07
- Zuletzt bearbeitet 29.05.2026 13:16:19
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service wh...
CVE-2021-32808
- EPSS 1.19%
- Veröffentlicht 12.08.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:07:47
ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malform...
CVE-2021-29505
- EPSS 77.74%
- Veröffentlicht 28.05.2021 21:15:08
- Zuletzt bearbeitet 30.05.2025 00:15:20
XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input str...
CVE-2021-27906
- EPSS 3.34%
- Veröffentlicht 19.03.2021 16:15:13
- Zuletzt bearbeitet 21.11.2024 05:58:45
A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
CVE-2021-27807
- EPSS 2.98%
- Veröffentlicht 19.03.2021 16:15:13
- Zuletzt bearbeitet 21.11.2024 05:58:36
A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
CVE-2021-26272
- EPSS 2.22%
- Veröffentlicht 26.01.2021 21:15:12
- Zuletzt bearbeitet 21.11.2024 05:56:00
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin).
CVE-2021-26271
- EPSS 1.96%
- Veröffentlicht 26.01.2021 21:15:12
- Zuletzt bearbeitet 21.11.2024 05:56:00
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).
CVE-2020-14613
- EPSS 1.08%
- Veröffentlicht 15.07.2020 18:15:26
- Zuletzt bearbeitet 21.11.2024 05:03:41
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced User Interface). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker...