FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka...
8.1CVSS
8.5AI Score
0.034EPSS
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and...
8.1CVSS
8.5AI Score
0.034EPSS
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too...
7.5CVSS
7.4AI Score
0.009EPSS
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the...
7CVSS
7.5AI Score
0.922EPSS
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is...
7.5CVSS
7.9AI Score
0.016EPSS
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT...
9.8CVSS
9.1AI Score
0.011EPSS
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka...
8.1CVSS
8AI Score
0.05EPSS
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka...
8.1CVSS
8AI Score
0.044EPSS
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and...
8.8CVSS
8.3AI Score
0.008EPSS
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka...
8.8CVSS
8.3AI Score
0.008EPSS
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka...
8.8CVSS
8.3AI Score
0.008EPSS
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to...
8.8CVSS
8.3AI Score
0.008EPSS
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka...
8.8CVSS
8.3AI Score
0.008EPSS
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka...
8.8CVSS
8.3AI Score
0.011EPSS
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka...
8.8CVSS
8.3AI Score
0.011EPSS
In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column...
7.5CVSS
7.8AI Score
0.01EPSS
9.8CVSS
9.2AI Score
0.006EPSS
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS...
6.1CVSS
6AI Score
0.002EPSS
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary...
7.8CVSS
9.1AI Score
0.0004EPSS
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary...
7.8CVSS
9AI Score
0.0004EPSS
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic...
9.8CVSS
9.8AI Score
0.049EPSS
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary...
9.8CVSS
9.5AI Score
0.874EPSS
The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which...
7.8CVSS
7.4AI Score
0.0004EPSS
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3)...
7.8CVSS
7.5AI Score
0.0004EPSS
Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as...
7.6AI Score
0.003EPSS
Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to "input...
6.7AI Score
0.013EPSS
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow...
5.5CVSS
5.3AI Score
0.0004EPSS
POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2.0 SP 4 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted...
7AI Score
0.014EPSS
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script...
5.5CVSS
5.6AI Score
0.0004EPSS
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer...
7.7AI Score
0.048EPSS
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay...
8.1AI Score
0.003EPSS
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out...
7.4AI Score
0.001EPSS
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA...
7.5AI Score
0.0004EPSS
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements...
7.8AI Score
0.927EPSS
Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download...
7.5AI Score
0.965EPSS
Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as demonstrated using the...
7.6AI Score
0.968EPSS
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder,....
7.4AI Score
0.846EPSS
Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect...
7.4AI Score
0.037EPSS
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking...
6.5AI Score
0.0004EPSS
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c"...
5.9AI Score
0.0005EPSS
Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than...
7.8AI Score
0.477EPSS
Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail...
6.4AI Score
0.061EPSS
The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer...
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an...
7.7AI Score
0.861EPSS