CVE-2021-44832

all versions

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code

6.6MEDIUM

CVE-2021-2351

all versions

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1

8.3HIGH

CVE-2021-22118

all versions

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a pr

7.8HIGH

CVE-2021-29425

all versions

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo",

4.8MEDIUM

CVE-2020-11979

all versions

As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current u

7.5HIGH

CVE-2020-5421

all versions

In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the pr

6.5MEDIUM

CVE-2020-1945

all versions

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.

6.3MEDIUM

CVE-2020-9488

all versions

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be in

3.7LOW

CVE-2020-5397

all versions

Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring

5.3MEDIUM

CVE-2020-5398

all versions

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an applica

7.5HIGH

CVE-2020-2555

all versions

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported ve

9.8CRITICAL

CVE-2019-10219

all versions

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting

6.1MEDIUM

CVE-2019-2904

all versions

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that

9.8CRITICAL

CVE-2019-17091

all versions

faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaSe

6.1MEDIUM

CVE-2019-3740

all versions

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities du

6.5MEDIUM

CVE-2019-3739

all versions

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities durin

6.5MEDIUM

CVE-2019-3738

all versions

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remo

6.5MEDIUM

CVE-2018-15756

all versions

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on t

7.5HIGH

CVE-2018-11039

all versions

Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applica

5.9MEDIUM

CVE-2018-1258

all versions

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when

8.8HIGH