Lucene search
K

41 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.11 views

Alibaba Cloud Linux 3 : 0020: pki-core:10.6 (ALINUX3-SA-2021:0020)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0020 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-12086: A Polymorphic Typing issue...

9.8CVSS7.3AI score0.26587EPSS
Exploits9References17
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.5 views

SUSE CVE-2019-12814

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specificall...

5.9CVSS8.5AI score0.10951EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2021-0153)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.45205EPSS
Exploits10References17
Mageia
Mageia
added 2021/03/27 2:27 p.m.219 views

Updated jackson-databind packages fix security vulnerabilities

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint, the service has the mysql-connector-java jar 8.0.14 or earlier in the classpath, and an...

9.8CVSS1.3AI score0.45205EPSS
Exploits10References15
Ubuntu
Ubuntu
added 2021/03/15 9:47 p.m.80 views

USN-4813-1: Jackson Databind vulnerabilities

It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information. CVE-2018-11307, CVE-2019-12086, CVE-2019-12814 It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could...

10CVSS7.4AI score0.45205EPSS
Exploits10
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/24 10:3 a.m.90 views

Security Bulletin: Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE)

Summary There are multiple vulnerabilities identified in IBM Guardium Data Encryption GDE .These vulnerabilities have been fixed in GDE 4.0.0.3. Please apply the latest version for the fixes. Vulnerability Details CVEID: CVE-2019-4697 DESCRIPTION: IBM Guardium Data Encryption GDE stores user...

10CVSS0.7AI score0.99652EPSS
Exploits22Affected Software1
RedhatCVE
RedhatCVE
added 2020/04/09 10:54 a.m.26 views

CVE-2019-12814

A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files. Mitigation This vulnerability relies on jdom...

7.5CVSS3.8AI score0.10951EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.278 views

Fedora Update for jackson-core FEDORA-2019-99ff6aa32c

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.3AI score0.45205EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.59 views

Fedora Update for jackson-databind FEDORA-2019-99ff6aa32c

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.3AI score0.45205EPSS
Exploits4References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.25 views

Security Bulletin: : Netcool Operations Insight - Cloud Native Event Analytics is affected by a FasterXML jackson-databind vulnerability (CVE-2019-12814)

Summary Netcool Operations Insight - Cloud Native Event Analytics has addressed the following vulnerability in FasterXML jackson-databind Vulnerability Details CVEID: CVE-2019-12814 DESCRIPTION: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Defaul...

5.9CVSS0.4AI score0.10951EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2019/10/31 7:9 p.m.114 views

Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.5.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

9.8CVSS7.4AI score0.45205EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2019/10/31 5:26 p.m.114 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.5.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

9.8CVSS7.4AI score0.45205EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2019/10/24 9:18 a.m.121 views

Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 1.3.0 release and security update

Red Hat AMQ Streams 1.3.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS7.4AI score0.45205EPSS
Exploits5References13
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/22 7:37 a.m.44 views

Security Bulletin: Multiple vulnerabilities in jackson-databind affect IBM Platform Symphony and IBM Spectrum Symphony

Summary Multiple vulnerabilities exist in the Jackson databind, core, and annotations version used by IBM Spectrum Symphony V7.2.1, V7.2.0.2, and V7.1.2, and IBM Platform Symphony V7.1.1 and V7.1 Fix Pack 1. Interim fixes that provide instructions on upgrading the Jackson databind, core, and...

9.8CVSS1.2AI score0.10951EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/21 4:12 p.m.25 views

Security Bulletin: IBM Event Streams is affected by jackson-databind vulnerabilities

Summary IBM Event Streams has addressed the following vulnerabilities in the jackson-databind versions shipped. Vulnerability Details CVEID: CVE-2019-12814 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue. ...

9.8CVSS1.1AI score0.10951EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2019/10/18 7:52 p.m.177 views

Important: Red Hat Security Advisory: OpenShift Container Platform logging-elasticsearch5-container security update

An update for logging-elasticsearch5-container is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

10CVSS7.5AI score0.49727EPSS
Exploits10References21
Tenable Nessus
Tenable Nessus
added 2019/10/15 12:0 a.m.43 views

RHEL 7 : Red Hat Single Sign-On 7.3.4 security update on RHEL 7 (Important) (RHSA-2019:3045)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3045 advisory. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

9.8CVSS8.2AI score0.21949EPSS
Exploits2References16
Tenable Nessus
Tenable Nessus
added 2019/10/15 12:0 a.m.37 views

RHEL 6 : Red Hat Single Sign-On 7.3.4 security update on RHEL 6 (Important) (RHSA-2019:3044)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3044 advisory. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

9.8CVSS8.2AI score0.21949EPSS
Exploits2References16
Tenable Nessus
Tenable Nessus
added 2019/10/15 12:0 a.m.57 views

RHEL 8 : Red Hat Single Sign-On 7.3.4 security update on RHEL 8 (Important) (RHSA-2019:3046)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3046 advisory. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

9.8CVSS8.2AI score0.21949EPSS
Exploits2References16
RedHat Linux
RedHat Linux
added 2019/10/14 7:1 p.m.174 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.3.4 security update on RHEL 8

New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.4AI score0.21949EPSS
Exploits2References9
Rows per page
Query Builder