CVE-2020-24750
- EPSS 2.11%
- Published 17.09.2020 19:15:13
- Last modified 21.11.2024 05:16:00
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.
CVE-2020-24616
- EPSS 3.78%
- Published 25.08.2020 18:15:11
- Last modified 21.11.2024 05:15:09
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).
CVE-2020-12723
- EPSS 0.18%
- Published 05.06.2020 15:15:10
- Last modified 21.11.2024 05:00:08
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
CVE-2020-10878
- EPSS 0.11%
- Published 05.06.2020 14:15:10
- Last modified 21.11.2024 04:56:16
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
CVE-2020-10543
- EPSS 3.94%
- Published 05.06.2020 14:15:10
- Last modified 21.11.2024 04:55:32
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
CVE-2020-9488
- EPSS 0.01%
- Published 27.04.2020 16:15:12
- Last modified 21.11.2024 05:40:45
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Lo...
CVE-2019-10219
- EPSS 1.67%
- Published 08.11.2019 15:15:11
- Last modified 07.07.2025 14:15:21
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.