CVE-2020-9548
- EPSS 18.35%
- Veröffentlicht 02.03.2020 04:15:11
- Zuletzt bearbeitet 21.11.2024 05:40:50
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).
CVE-2020-9546
- EPSS 4.61%
- Veröffentlicht 02.03.2020 04:15:10
- Zuletzt bearbeitet 29.04.2026 20:24:13
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).
CVE-2019-20388
- EPSS 4.39%
- Veröffentlicht 21.01.2020 23:15:13
- Zuletzt bearbeitet 17.12.2025 22:15:55
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
CVE-2020-7595
- EPSS 7.84%
- Veröffentlicht 21.01.2020 23:15:13
- Zuletzt bearbeitet 03.12.2025 16:15:54
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
CVE-2020-5397
- EPSS 2.38%
- Veröffentlicht 17.01.2020 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:34:03
Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vul...
CVE-2020-5398
- EPSS 88.08%
- Veröffentlicht 17.01.2020 00:15:12
- Zuletzt bearbeitet 21.11.2024 05:34:04
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response...
CVE-2020-2642
- EPSS 1.23%
- Veröffentlicht 15.01.2020 17:15:23
- Zuletzt bearbeitet 21.11.2024 05:25:51
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Connector Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privil...
CVE-2020-2643
- EPSS 1.16%
- Veröffentlicht 15.01.2020 17:15:23
- Zuletzt bearbeitet 21.11.2024 05:25:52
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Job System). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged atta...
CVE-2020-2644
- EPSS 1.21%
- Veröffentlicht 15.01.2020 17:15:23
- Zuletzt bearbeitet 21.11.2024 05:25:52
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Oracle Management Service). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high ...
CVE-2020-2645
- EPSS 1.21%
- Veröffentlicht 15.01.2020 17:15:23
- Zuletzt bearbeitet 21.11.2024 05:25:52
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Connector Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privil...