Lucene search

Banking Trade Finance Process Management Security Vulnerabilities

cve

CVE-2022-22963

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local...

9.8CVSS

9.4AI Score

0.975EPSS

2022-04-01 11:15 PM

1205

In Wild

cve

CVE-2021-23337

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template...

7.2CVSS

7.4AI Score

0.006EPSS

2021-02-15 01:15 PM

236

cve

CVE-2020-28500

Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd...

5.3CVSS

6AI Score

0.002EPSS

2021-02-15 11:15 AM

164

cve

CVE-2020-8203

Prototype pollution attack when using _.zipObjectDeep in lodash before...

7.4CVSS

7AI Score

0.01EPSS

2020-07-15 05:15 PM

215

cve

CVE-2019-0228

Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted...

9.8CVSS

8.9AI Score

0.006EPSS

2019-04-17 03:29 PM