CVSS: 5.9EPSS: 65%CPEs: 213EXPL: 10CVE-2021-45105 – Apache Log4j2 does not always protect from infinite recursion in lookup evaluation
https://notcve.org/view.php?id=CVE-2021-45105
18 Dec 2021 — Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1. Apache Log4j2 versiones 2.0-alpha1 hasta 2.16.0 (excluyendo las versiones 2.12.3 y 2.3.1) no protegían de la recursión no controlada de las búsquedas autorreferenciales.... • https://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105--CVE-2021-44832 • CWE-20: Improper Input Validation CWE-674: Uncontrolled Recursion •
CVSS: 8.3EPSS: 1%CPEs: 248EXPL: 6CVE-2021-2351 – Oracle Database Weak NNE Integrity Key Derivation
https://notcve.org/view.php?id=CVE-2021-2351
20 Jul 2021 — Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful atta... • https://packetstorm.news/files/id/165258 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-384: Session Fixation •
CVSS: 6.1EPSS: 0%CPEs: 28EXPL: 0CVE-2021-35043
https://notcve.org/view.php?id=CVE-2021-35043
19 Jul 2021 — OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). This was demonstrated by a javascript: URL with : as the replacement for the : character. OWASP AntiSamy versiones anteriores a 1.6.4, permite un ataque de tipo XSS por medio de atributos HTML cuando se usa el serializador de salida HTML (XHTML no está afectado). Esto fue demostrado por un javascript: URL con : como reemplazo del carácter • https://github.com/nahsra/antisamy/pull/87 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 72EXPL: 0CVE-2021-36090 – Apache Commons Compress 1.0 to 1.20 denial of service vulnerability
https://notcve.org/view.php?id=CVE-2021-36090
13 Jul 2021 — When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package. Al leer un archivo ZIP especialmente diseñado, Compress puede asignar grandes cantidades de memoria que finalmente conllevan a un error de falta de memoria incluso para entradas muy pequeñas. Esto podría ser usado para montar un ata... • http://www.openwall.com/lists/oss-security/2021/07/13/4 • CWE-130: Improper Handling of Length Parameter Inconsistency CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.8EPSS: 0%CPEs: 136EXPL: 1CVE-2021-29425 – Possible limited path traversal vulnerabily in Apache Commons IO
https://notcve.org/view.php?id=CVE-2021-29425
13 Apr 2021 — In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. En Apache Commons IO versiones anteriores a 2.7, Cuando se invoca el método FileNameUtils.normalize con una cadena de entrada inapropiada, como... • https://issues.apache.org/jira/browse/IO-556 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 10%CPEs: 28EXPL: 0CVE-2020-13936 – Velocity Sandbox Bypass
https://notcve.org/view.php?id=CVE-2020-13936
10 Mar 2021 — An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2. Un atacante que es capaz de modificar las plantillas de Velocity puede ejecutar código Java arbitrario o ejecutar comandos de sistema arbitrarios con los mismos privilegios que la... • http://www.openwall.com/lists/oss-security/2021/03/10/1 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 71%CPEs: 13EXPL: 0CVE-2020-6950 – Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371
https://notcve.org/view.php?id=CVE-2020-6950
12 May 2020 — Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. Una vulnerabilidad de Salto de Directorio en Eclipse Mojarra versiones anteriores a 2.3.14, permite a atacantes leer archivos arbitrarios por medio del parámetro loc o del parámetro con A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to re... • https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 24EXPL: 0CVE-2020-9281 – Ubuntu Security Notice USN-5340-1
https://notcve.org/view.php?id=CVE-2020-9281
07 Mar 2020 — A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax). Una vulnerabilidad de tipo cross-site scripting (XSS) en el HTML Data Processor for CKEditor versiones 4.0 anteriores a 4.14, permite a atacantes remotos inyectar script web arbitrario por medio de un comentario "protected" diseñado (con la sintaxis cke_protected). Kyaw Min Thein discov... • https://github.com/ckeditor/ckeditor4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 1%CPEs: 429EXPL: 0CVE-2019-10219 – hibernate-validator: safeHTML validator allows XSS
https://notcve.org/view.php?id=CVE-2019-10219
08 Nov 2019 — A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. Una vulnerabilidad fue encontrada en Hibernate-Validator. La anotación del validador SafeHtml no puede sanear apropiadamente las cargas útiles que consisten en código potencialmente malicioso en los comentarios e instrucciones HTML. • https://access.redhat.com/errata/RHSA-2020:0159 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •