CVE-2018-1271
- EPSS 90.93%
- Published 06.04.2018 13:29:00
- Last modified 21.11.2024 03:59:30
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file s...
CVE-2018-1272
- EPSS 2.17%
- Published 06.04.2018 13:29:00
- Last modified 21.11.2024 03:59:30
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application (server A) receives input from a r...
CVE-2017-5645
- EPSS 94.01%
- Published 17.04.2017 21:59:00
- Last modified 20.04.2025 01:37:25
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
- EPSS 4.97%
- Published 21.07.2016 10:12:00
- Last modified 12.04.2025 10:46:40
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2....