CVE-2020-2555
- EPSS 93.16%
- Veröffentlicht 15.01.2020 17:15:17
- Zuletzt bearbeitet 14.02.2025 16:47:18
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows una...
CVE-2019-10219
- EPSS 1.67%
- Veröffentlicht 08.11.2019 15:15:11
- Zuletzt bearbeitet 07.07.2025 14:15:21
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
CVE-2019-17195
- EPSS 11.34%
- Veröffentlicht 15.10.2019 14:15:12
- Zuletzt bearbeitet 21.11.2024 04:31:50
Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.
CVE-2019-17091
- EPSS 8.42%
- Veröffentlicht 02.10.2019 14:15:12
- Zuletzt bearbeitet 21.11.2024 04:31:40
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.