GHSA-RF6R-2C4Q-2VWG jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider aka bus-proxy...

jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider aka bus-proxy...

GHSA-V3XW-C963-F5HC jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq. aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms...

jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq. aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms...

GHSA-9VVP-FXW6-JCXR jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

GHSA-27XJ-RQX5-2255 jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean aka spring-aop...

jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean aka spring-aop...

Insecure Deserialization

camel-netty is vulnerable to insecure deserialization. If no codec is specified, it allows objects deserialization using java serialization and deserialization by default rather than restricting only to Strings...

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2020-1365)

The version of java-1.7.0-openjdk installed on the remote host is prior to 1.7.0.261-2.6.22.1.83. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1365 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization...

TYPO3 9.0.0 < 9.5.17, 10.0.0 < 10.4.2 Multiple Vulnerabilities (TYPO3-CORE-SA-2020-002, TYPO3-CORE-SA-2020-004 to TYPO3-CORE-SA-2020-006)

TYPO3 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; if description...

Amazon Linux 2 : java-1.7.0-openjdk (ALAS-2020-1424)

The version of java-1.7.0-openjdk installed on the remote host is prior to 1.7.0.261-2.6.22.2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1424 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization...

Important: java-1.7.0-openjdk

Issue Overview: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with networ...

TylerTech Eagle 2018.3.11 Remote Code Execution

Exploit Title: TylerTech Eagle 2018.3.11 - Remote Code Execution Date: 2019-10-08 Exploit Author: Anthony Cole Vendor Homepage: https://www.tylertech.com/products/eagle Version: 2018.3.11 Tested on: Windows 2012 CVE: N/A Category: webapps Eagle is a software written in Java by TylerTech. Version...

Mozilla Firefox Code Issue Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 76, which stems from the program failing to properly serialize nsIPrincipal.origin for IPv6 addresses. A remote attacker could explo...

MongoDB 3.6 < 3.6.18, 4.0 < 4.0.15, 4.2 < 4.2.3, 4.3 < 4.3.3 Improper Serialization Vulnerability - Windows

MongoDB is prone to an improper serialization vulnerability in the authorization subsystem. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

MongoDB 3.6 < 3.6.18, 4.0 < 4.0.15, 4.2 < 4.2.3, 4.3 < 4.3.3 Improper Serialization Vulnerability - Linux

MongoDB is prone to an improper serialization vulnerability in the authorization subsystem. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2020-1421)

The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.252.b09-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1421 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization...

CVE-2020-12390

Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox 76...

UBUNTU-CVE-2020-12390

Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox 76...