CVE-2019-2904
- EPSS 21.04%
- Published 16.10.2019 18:15:27
- Last modified 21.11.2024 04:41:46
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacke...
CVE-2018-15756
- EPSS 13.38%
- Published 18.10.2018 22:29:00
- Last modified 21.11.2024 03:51:24
Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler,...
CVE-2018-11039
- EPSS 2.92%
- Published 25.06.2018 15:29:00
- Last modified 21.11.2024 03:42:32
Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring ...
CVE-2018-11040
- EPSS 8.25%
- Published 25.06.2018 15:29:00
- Last modified 21.11.2024 03:42:32
Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controlle...