CVE-2020-1945
- EPSS 0.02%
- Published 14.05.2020 16:15:12
- Last modified 21.11.2024 05:11:42
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files fr...
CVE-2020-11023
- EPSS 21.32%
- Published 29.04.2020 21:15:11
- Last modified 24.01.2025 02:00:02
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex...
CVE-2019-2904
- EPSS 21.04%
- Published 16.10.2019 18:15:27
- Last modified 21.11.2024 04:41:46
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacke...
CVE-2019-11358
- EPSS 2.4%
- Published 20.04.2019 00:29:00
- Last modified 21.11.2024 04:20:56
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the n...