CVE-2025-53031
- EPSS 0.04%
- Published 15.07.2025 19:27:55
- Last modified 24.07.2025 20:34:58
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and 8.1.2.5. ...
CVE-2023-21901
- EPSS 0.17%
- Published 16.01.2024 22:15:37
- Last modified 11.06.2025 17:15:31
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 8.0.7, 8.0.8, 8.0.9, 8.1.0, 8.1.1 and 8.1....
CVE-2022-22965
- EPSS 94.44%
- Published 01.04.2022 23:15:13
- Last modified 10.04.2025 16:56:46
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Sp...
CVE-2022-22963
- EPSS 94.46%
- Published 01.04.2022 23:15:13
- Last modified 13.03.2025 16:36:53
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access ...
CVE-2022-24729
- EPSS 0.51%
- Published 16.03.2022 17:15:07
- Last modified 21.11.2024 06:50:57
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a ...
CVE-2022-24728
- EPSS 0.72%
- Published 16.03.2022 16:15:10
- Last modified 21.11.2024 06:50:57
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to in...
CVE-2020-36518
- EPSS 0.6%
- Published 11.03.2022 07:15:07
- Last modified 27.08.2025 21:15:36
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
CVE-2022-23437
- EPSS 0.09%
- Published 24.01.2022 15:15:09
- Last modified 21.11.2024 06:48:33
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolon...
- EPSS 1.18%
- Published 19.01.2022 12:15:09
- Last modified 21.11.2024 06:12:46
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Unified Metadata Manager). Supported versions that are affected are 8.0.7-8.1.1. Easily exploitable vu...
- EPSS 0.3%
- Published 19.01.2022 12:15:09
- Last modified 21.11.2024 06:12:46
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Unified Metadata Manager). Supported versions that are affected are 8.0.7-8.1.1. Easily exploitable vu...