Filter
AND
AngularJSAngularJS improper sanitization in '<source>' element
4.8
EPSS
0.05%
First published (updated )
AngularJSAngularJS improper sanitization in 'srcset' attribute
4.8
EPSS
0.05%
First published (updated )
Mortbay JettyJetty connection leaking on idle timeout when TCP congested
7.5
First published (updated )
maven/org.springframework.security:spring-security-coreIn Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x…
6.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
oracle communications Cloud native core binding support functionVulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported v…
5.3
First published (updated )
NetApp Active IQ Unified ManagerActive IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 …
6.5
First published (updated )
maven/org.jboss.resteasy:resteasy-coreIn RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and M…
5.5
First published (updated )
NetApp Active IQ Unified ManagerActive IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 …
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/eap7-undertowA flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAS…
4.9
First published (updated )
redhat/spring-securityA flaw was found in Spring Security. When using RegexRequestMatcher, an easy misconfiguration can by…
9.8
First published (updated )
redhat/springframeworkA flaw was found in Spring Framework. Applications that handle file uploads are vulnerable to a deni…
7.5
First published (updated )
redhat/eap7-nettyLocal Information Disclosure Vulnerability in io.netty:netty-codec-http
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ubuntu/libgoogle-gson-javaDeserialization of Untrusted Data
7.7
First published (updated )
Oracle WebLogic ServerCross-site Scripting in org.owasp.esapi:esapi -- antisamy-esapi.xml configuration file
6.1
First published (updated )
Red Hat UndertowA flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response pack…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/eap7-undertowA flaw was found in Undertow. A potential security issue in flow control handling by the browser ove…
7.5
First published (updated )
maven/org.apache.poi:poi-scratchpadA carefully crafted TNEF file can cause an out of memory exception
5.5
First published (updated )
Cisco Webex Meetings Server SoftwareApache log4j2 log messages substitution (CVE-2021-44228)
First published (updated )
IBM QRadar Security Information and Event ManagerIn Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is p…
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Insurance Policy Administration J2EEApache Commons Compress 1.6 to 1.20 denial of service vulnerability
7.5
First published (updated )
Oracle Banking Digital ExperienceApache Commons Compress 1.6 to 1.20 denial of service vulnerability
7.5
First published (updated )
Oracle Banking APIsApache Commons Compress 1.0 to 1.20 denial of service vulnerability
7.5
First published (updated )
Oracle Banking APIsApache Commons Compress 1.1 to 1.20 denial of service vulnerability
7.5
First published (updated )
redhat/jettyEclipse Jetty could allow a physical attacker to bypass security restrictions, caused by a session I…
3.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.