CVE-2019-2771
- EPSS 0.22%
- Published 23.07.2019 23:15:40
- Last modified 21.11.2024 04:41:31
Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.9.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low pr...
CVE-2019-2768
- EPSS 1.68%
- Published 23.07.2019 23:15:40
- Last modified 21.11.2024 04:41:31
Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). The supported version that is affected is 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated atta...
CVE-2019-2767
- EPSS 53.45%
- Published 23.07.2019 23:15:40
- Last modified 21.11.2024 04:41:31
Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). The supported version that is affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability...
CVE-2019-11358
- EPSS 2.4%
- Published 20.04.2019 00:29:00
- Last modified 21.11.2024 04:20:56
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the n...
CVE-2017-5645
- EPSS 94.01%
- Published 17.04.2017 21:59:00
- Last modified 20.04.2025 01:37:25
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.