CVE-2020-36518
- EPSS 0.6%
- Veröffentlicht 11.03.2022 07:15:07
- Zuletzt bearbeitet 27.08.2025 21:15:36
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
CVE-2021-2351
- EPSS 3.54%
- Veröffentlicht 21.07.2021 15:15:21
- Zuletzt bearbeitet 21.11.2024 06:02:56
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracl...
CVE-2021-33037
- EPSS 3.1%
- Veröffentlicht 12.07.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 06:08:10
Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specific...
- EPSS 0.8%
- Veröffentlicht 01.03.2021 12:15:14
- Zuletzt bearbeitet 21.11.2024 05:54:45
The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnera...
CVE-2021-25122
- EPSS 2.56%
- Veröffentlicht 01.03.2021 12:15:13
- Zuletzt bearbeitet 21.11.2024 05:54:23
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and use...
CVE-2019-10219
- EPSS 1.67%
- Veröffentlicht 08.11.2019 15:15:11
- Zuletzt bearbeitet 07.07.2025 14:15:21
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.