
252 matches found

OSV
added 2023/11/29 12:15 p.m., 9 views

CVE-2023-6378

A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...

7.5 CVSS, 7.2 AI score
Exploits: 0, References: 2

NVD
added 2023/11/29 12:15 p.m., 28 views

CVE-2023-6378

A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...

7.5 CVSS, 0.009 EPSS
Exploits: 0, References: 2

Prion
added 2023/11/29 12:15 p.m., 30 views

Design/Logic Flaw

A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...

5 CVSS, 6.7 AI score, 0.009 EPSS
Exploits: 0, References: 1, Affected Software: 1

CVE
added 2023/11/29 12:2 p.m., 531 views

CVE-2023-6378

CVE-2023-6378 involves a serialization vulnerability in the logback receiver component of logback version 1.4.11 that allows an attacker to mount a Denial-of-Service by sending poisoned data. The published entries consistently describe a DoS impact without other confidentiality or integrity effec...

7.5 CVSS, 7.2 AI score, 0.009 EPSS
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2023/11/29 12:2 p.m., 31 views

CVE-2023-6378 Logback "receiver" DOS vulnerability

A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...

7.1 CVSS, 7.6 AI score, 0.009 EPSS
Exploits: 0, References: 1

OSV
added 2023/09/15 11:5 a.m., 14 views

OESA-2023-1642 openjdk-1.8.0 security update

The OpenJDK runtime environment 8. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily...

7.4 CVSS, 8.2 AI score, 0.02474 EPSS
Exploits: 1, References: 14

OSV
added 2023/09/15 11:5 a.m., 6 views

OESA-2023-1643 openjdk-1.8.0 security update

The OpenJDK runtime environment 8. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily...

7.4 CVSS, 8.2 AI score, 0.02474 EPSS
Exploits: 1, References: 14

OSV
added 2023/09/09 11:5 a.m., 7 views

OESA-2023-1603 openjdk-latest security update

The OpenJDK runtime environment. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily...

5.9 CVSS, 6.9 AI score, 0.02474 EPSS
Exploits: 1, References: 14

BDU FSTEC
added 2023/09/06 12:0 a.m., 3 views

The vulnerability of the Serialization component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Serialization component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow an attacker to gain access to data, enabling them ...

5.3 CVSS, 6.3 AI score, 0.01058 EPSS
Exploits: 0, References: 13, Affected Software: 6

BDU FSTEC
added 2023/09/05 12:0 a.m., 5 views

The vulnerability of the Serialization component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to trigger a service failure.

The vulnerability of the Serialization component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow an attacker to cause service interruptions remotel...

5.3 CVSS, 6.2 AI score, 0.03765 EPSS
Exploits: 0, References: 17, Affected Software: 6

Prion
added 2023/08/13 1:15 p.m., 23 views

Code injection

Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability...

5 CVSS, 7.5 AI score, 0.00379 EPSS
Exploits: 0, References: 2, Affected Software: 2

Cvelist
added 2023/04/19 12:0 a.m., 25 views

CVE-2023-20862

In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the...

6.6 AI score, 0.00648 EPSS
Exploits: 0, References: 2

OSV
added 2023/03/27 10:15 p.m., 5 views

CVE-2023-26548

The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect availability...

7.5 CVSS, 5.8 AI score, 0.00524 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2023/03/27 12:0 a.m., 9 views

CVE-2023-26548

The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect availability...

6.9 AI score, 0.00524 EPSS
Exploits: 0, References: 2

CNNVD
added 2023/03/05 12:0 a.m., 5 views

Huawei HarmonyOS code issue vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a security vulnerability that stems from a serialization and deserialization vulnerability in modules. An attacker exploiting...

7.5 CVSS, 7.5 AI score, 0.00524 EPSS
Exploits: 0, References: 5

CNNVD
added 2023/02/28 12:0 a.m., 4 views

SPIP security vulnerability

SPIP is a freeware program from SPIP for creating Internet sites. A security vulnerability exists in SPIP versions prior to 4.2.1, which stems from improper serialization handling and can be exploited by an attacker to remotely execute code...

9.8 CVSS, 8.3 AI score, 0.99637 EPSS
Exploits: 23, References: 11

SUSE CVE
added 2023/02/15 4:49 a.m., 7 views

SUSE CVE-2017-5929

QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components...

9.8 CVSS, 7.8 AI score, 0.07501 EPSS
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 4:44 a.m., 7 views

SUSE CVE-2017-10109

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker...

5.3 CVSS, 7.1 AI score, 0.03114 EPSS
Exploits: 0, References: 10

SUSE CVE
added 2023/02/15 4:34 a.m., 4 views

SUSE CVE-2018-2657

Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...

5.3 CVSS, 5.5 AI score, 0.07525 EPSS
Exploits: 0, References: 8

SUSE CVE
added 2023/02/15 4:4 a.m., 4 views

SUSE CVE-2020-2583

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.7 CVSS, 5.8 AI score, 0.0404 EPSS
Exploits: 0, References: 16