CVE-2019-2904
- EPSS 21.04%
- Veröffentlicht 16.10.2019 18:15:27
- Zuletzt bearbeitet 21.11.2024 04:41:46
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacke...
CVE-2018-15756
- EPSS 13.38%
- Veröffentlicht 18.10.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 03:51:24
Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler,...
CVE-2018-11039
- EPSS 2.92%
- Veröffentlicht 25.06.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:32
Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring ...
CVE-2018-11040
- EPSS 8.25%
- Veröffentlicht 25.06.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:32
Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controlle...