CVE-2021-4160
- EPSS 3.8%
- Veröffentlicht 28.01.2022 22:15:15
- Zuletzt bearbeitet 21.11.2024 06:37:02
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlik...
CVE-2022-23437
- EPSS 4.44%
- Veröffentlicht 24.01.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 06:48:33
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolon...
CVE-2022-21359
- EPSS 0.83%
- Veröffentlicht 19.01.2022 12:15:15
- Zuletzt bearbeitet 21.11.2024 06:44:30
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Optimization Framework). Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker wi...
- EPSS 1.53%
- Veröffentlicht 19.01.2022 12:15:15
- Zuletzt bearbeitet 21.11.2024 06:44:31
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Weblogic). Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network acc...
CVE-2022-21369
- EPSS 0.83%
- Veröffentlicht 19.01.2022 12:15:15
- Zuletzt bearbeitet 21.11.2024 06:44:32
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Rich Text Editor). Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with net...
- EPSS 0.93%
- Veröffentlicht 19.01.2022 12:15:14
- Zuletzt bearbeitet 21.11.2024 06:44:28
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2022-21272
- EPSS 0.83%
- Veröffentlicht 19.01.2022 12:15:11
- Zuletzt bearbeitet 21.11.2024 06:44:15
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network acces...
CVE-2021-45105
- EPSS 100%
- Veröffentlicht 18.12.2021 12:15:07
- Zuletzt bearbeitet 29.05.2026 13:16:19
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service wh...
CVE-2021-43797
- EPSS 2.68%
- Veröffentlicht 09.12.2021 19:15:07
- Zuletzt bearbeitet 21.11.2024 06:29:48
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / en...
CVE-2021-41165
- EPSS 1.47%
- Veröffentlicht 17.11.2021 20:15:10
- Zuletzt bearbeitet 21.11.2024 06:25:38
CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML byp...