CVE-2019-13990 — CVSS 9.8 (critical): initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job…
CVE-2020-14583 — CVSS 8.3 (high): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2020-14664 — CVSS 8.3 (high): Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version that is affected is Java SE: 8u251…
CVE-2022-1319 — CVSS 7.5 (high): A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse…
CVE-2022-21476 — CVSS 7.5 (high): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2021-3859 — CVSS 7.5 (high): A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an…
CVE-2022-34169 — CVSS 7.5 (high): The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be…
CVE-2022-1259 — CVSS 7.5 (high): A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial…
CVE-2020-14593 — CVSS 7.4 (high): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE…
CVE-2022-22971 — CVSS 6.5 (medium): In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is…
CVE-2021-21290 — CVSS 6.2 (medium): Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance…
CVE-2022-21541 — CVSS 5.9 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions…
CVE-2022-21496 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that…
CVE-2020-14621 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java…
CVE-2022-21296 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that…
CVE-2022-21299 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that…
CVE-2022-21305 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions…
CVE-2022-21340 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-21341 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported…
CVE-2022-21360 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions…
CVE-2022-21365 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions…
CVE-2022-21366 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions…
CVE-2022-21426 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that…
CVE-2022-21434 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-21540 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions…
CVE-2022-21549 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-21618 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that…
CVE-2022-21626 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions…
CVE-2022-21628 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server)…
CVE-2022-22968 — CVSS 5.3 (medium): In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a…
CVE-2022-22970 — CVSS 5.3 (medium): In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable…
CVE-2020-2781 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java…
CVE-2022-21271 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-21277 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions…
CVE-2022-21282 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that…
CVE-2022-21283 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-21291 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions…
CVE-2022-21293 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-21294 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-2764 — CVSS 4.9 (medium): A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.
CVE-2020-2767 — CVSS 4.8 (medium): Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14…
CVE-2020-14556 — CVSS 4.8 (medium): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2020-2757 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2020-2756 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2020-2755 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are…
CVE-2022-21248 — CVSS 3.7 (low): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported…
CVE-2020-14578 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2022-39399 — CVSS 3.7 (low): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported…
CVE-2022-21619 — CVSS 3.7 (low): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions…
CVE-2022-21624 — CVSS 3.7 (low): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that…
CVE-2020-14577 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java…
CVE-2022-21443 — CVSS 3.7 (low): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2020-2778 — CVSS 3.7 (low): Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14…
CVE-2020-14581 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE…
CVE-2020-14579 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are…
CVE-2020-2773 — CVSS 3.7 (low): Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are…