CVE-2019-10219
- EPSS 1.67%
- Published 08.11.2019 15:15:11
- Last modified 07.07.2025 14:15:21
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
CVE-2019-16168
- EPSS 0.84%
- Published 09.09.2019 17:15:13
- Last modified 21.11.2024 04:30:11
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
CVE-2019-10086
- EPSS 0.26%
- Published 20.08.2019 21:15:12
- Last modified 21.11.2024 04:18:22
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by defa...
CVE-2019-0227
- EPSS 90.74%
- Published 01.05.2019 21:29:00
- Last modified 08.05.2025 18:13:51
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to buil...
CVE-2018-8032
- EPSS 2.34%
- Published 02.08.2018 13:29:00
- Last modified 08.05.2025 18:13:51
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.