Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

208 matches found

Debian CVE
Debian CVEadded 2018/01/10 6:0 p.m.59 views

CVE-2017-17485

FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper,...

9.8CVSS9AI score0.84949EPSS
Exploits1
Cvelist
Cvelistadded 2018/01/10 6:0 p.m.42 views

CVE-2017-17485

FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper,...

9.6AI score0.84949EPSS
Exploits1References24
Veracode
Veracodeadded 2017/02/06 8:42 a.m.7 views

SQL Injection

sequelize is vulnerable to sql injection attacks. The attacks are possible when user passes the order from JSON user input...

7AI score
Exploits0
PostrgeSql
PostrgeSqladded 2015/10/08 12:0 a.m.559 views

Vulnerability in core server (CVE-2015-5289)

Unchecked JSON input can crash the server...

6.4CVSS8.5AI score0.06572EPSS
Exploits0References1Affected Software1
securityvulns
securityvulnsadded 2014/05/04 12:0 a.m.63 views

Remote Command Injection in Ruby Gem sfpagent 0.4.14

Title: Remote Command Injection in Ruby Gem sfpagent 0.4.14 Date: 4/15/2014 Author: Larry W. Cashdollar, @larry0 CVE: 2014-2888 Download: http://rubygems.org/gems/sfpagent Vulnerability The list variable generated from the user supplied JSONbody input is passed directly to the system shell on lin...

8.1AI score
Exploits0
0day.today
0day.todayadded 2014/04/19 12:0 a.m.39 views

Ruby Gem sfpagent 0.4.14 Command Injection Vulnerability

Ruby Gem sfpagent version 0.4.14 suffers from a remote command injection vulnerability. Title: Remote Command Injection in Ruby Gem sfpagent 0.4.14 Date: 4/15/2014 Author: Larry W. Cashdollar, @larry0 CVE: 2014-2888 Download: http://rubygems.org/gems/sfpagent Vulnerability The list variable...

7.5CVSS0.6AI score0.00734EPSS
Exploits3
Packet Storm
Packet Stormadded 2014/04/18 12:0 a.m.37 views

Ruby Gem sfpagent 0.4.14 Command Injection

Title: Remote Command Injection in Ruby Gem sfpagent 0.4.14 Date: 4/15/2014 Author: Larry W. Cashdollar, @larry0 CVE: 2014-2888 Download: http://rubygems.org/gems/sfpagent Vulnerability The list variable generated from the user supplied JSONbody input is passed directly to the system shell on lin...

7.5CVSS0.3AI score0.00734EPSS
Exploits3
CVE
CVEadded 1976/01/01 12:0 a.m.119 views

CVE-2021-42248

CVE-2021-42248 is a duplicate of CVE-2021-42836. The connected document for CVE-2021-42836 describes a ReDoS vulnerability in the GJSON library (before version 1.9.3) where specially crafted JSON input can trigger a regular expression denial of service. Impact is denial of service; no product/ver...

7.4AI score
Exploits0
Rows per page
Query Builder