CVE-2020-14557
- EPSS 1.32%
- Veröffentlicht 15.07.2020 18:15:20
- Zuletzt bearbeitet 21.11.2024 05:03:32
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthen...
CVE-2020-10693
- EPSS 2.29%
- Veröffentlicht 06.05.2020 14:15:10
- Zuletzt bearbeitet 21.11.2024 04:55:52
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping...
CVE-2020-11022
- EPSS 99.02%
- Veröffentlicht 29.04.2020 22:15:11
- Zuletzt bearbeitet 13.04.2026 15:16:29
In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in...
CVE-2020-11023
- EPSS 83.83%
- Veröffentlicht 29.04.2020 21:15:11
- Zuletzt bearbeitet 07.11.2025 19:32:52
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex...
CVE-2020-9488
- EPSS 8.1%
- Veröffentlicht 27.04.2020 16:15:12
- Zuletzt bearbeitet 29.05.2026 18:16:27
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Lo...
CVE-2020-2963
- EPSS 1.38%
- Veröffentlicht 15.04.2020 14:15:38
- Zuletzt bearbeitet 21.11.2024 05:26:44
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privil...
CVE-2020-2934
- EPSS 3.2%
- Veröffentlicht 15.04.2020 14:15:36
- Zuletzt bearbeitet 21.11.2024 05:26:40
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network ac...
CVE-2020-2883
- EPSS 94.93%
- Veröffentlicht 15.04.2020 14:15:33
- Zuletzt bearbeitet 27.10.2025 17:08:56
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated att...
CVE-2020-2884
- EPSS 2.23%
- Veröffentlicht 15.04.2020 14:15:33
- Zuletzt bearbeitet 21.11.2024 05:26:32
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated att...
CVE-2020-2867
- EPSS 1.34%
- Veröffentlicht 15.04.2020 14:15:32
- Zuletzt bearbeitet 21.11.2024 05:26:29
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attack...