2021-08-23 | CVE-2021-39149 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39151 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39153 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39154 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-07-14 | CVE-2021-36373 | When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. | 5.5 |
2021-07-14 | CVE-2021-36374 | When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. | 5.5 |
2021-01-20 | CVE-2020-14756 | Unspecified vulnerability in Oracle Coherence and Utilities Framework Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core Components). | 7.5 |
2020-10-21 | CVE-2020-14895 | Unspecified vulnerability in Oracle Utilities Framework Vulnerability in the Oracle Utilities Framework product of Oracle Utilities Applications (component: System Wide). | 5.5 |
2020-05-14 | CVE-2020-1945 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. | 6.3 |
2020-05-01 | CVE-2020-10683 | XXE vulnerability in multiple products dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. | 9.8 |