📦 Primavera Unifier

CVE-2021-42575 is a critical vulnerability in the OWASP Java HTML Sanitizer that allows bypassing HTML sanitization policies for SELECT, STYLE, and OPTION elements. This enables cross-site scripting (...

CVE-2020-36518 is a denial-of-service vulnerability in Jackson Databind where processing deeply nested JSON objects causes a Java StackOverflowError, crashing the application. This affects any Java ap...

This vulnerability in Oracle Database's Advanced Networking Option allows attackers to bypass network encryption protections and potentially compromise the component. It affects Oracle Database Server...

CVE-2021-35515 is a denial-of-service vulnerability in Apache Commons Compress's 7Z archive handling. When processing a specially crafted 7Z file, the codec list construction can enter an infinite loo...

CVE-2021-35517 is a denial-of-service vulnerability in Apache Commons Compress where specially crafted TAR archives can trigger excessive memory allocation, leading to out-of-memory errors. This affec...

Lodash versions before 4.17.21 contain a command injection vulnerability in the template function that allows attackers to execute arbitrary commands on the host system. This affects any application u...

This vulnerability in Google Guava's createTempDir() method creates temporary directories with world-readable permissions on Unix-like systems, allowing any user on the same machine to potentially rea...