CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4220 matches found

NVD•added 2020/03/31 5:15 a.m.•22 views

CVE-2020-11112

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider aka apache/commons-proxy...

8.8CVSS9AI score0.06772EPSS

Exploits0References8

NVD•added 2020/03/31 5:15 a.m.•17 views

CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

8.8CVSS9AI score0.60714EPSS

Exploits0References8

OSV•added 2020/03/31 5:15 a.m.•20 views

CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

8.8CVSS6.5AI score

Exploits0References8

NVD•added 2020/03/31 5:15 a.m.•20 views

CVE-2020-11111

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq. aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms...

8.8CVSS9AI score0.02082EPSS

Exploits0References8

OSV•added 2020/03/31 5:15 a.m.•1 views

DEBIAN-CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

8.8CVSS8.1AI score0.60714EPSS

Exploits0References1

OSV•added 2020/03/31 5:15 a.m.•18 views

CVE-2020-11111

8.8CVSS6.5AI score

Exploits0References8

OSV•added 2020/03/31 5:15 a.m.•20 views

CVE-2020-11112

8.8CVSS6.5AI score

Exploits0References8

Prion•added 2020/03/31 5:15 a.m.•18 views

Design/Logic Flaw

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

6.8CVSS8.9AI score0.60714EPSS

Exploits0References8Affected Software31

Prion•added 2020/03/31 5:15 a.m.•18 views

Design/Logic Flaw

6.8CVSS8.9AI score0.02082EPSS

Exploits0References8Affected Software24

UbuntuCve•added 2020/03/31 5:15 a.m.•29 views

CVE-2020-11111

8.8CVSS7.1AI score0.02082EPSS

Exploits0References4

UbuntuCve•added 2020/03/31 5:15 a.m.•27 views

CVE-2020-11112

8.8CVSS7.1AI score0.06772EPSS

Exploits0References4

OSV•added 2020/03/31 5:15 a.m.•0 views

UBUNTU-CVE-2020-11112

8.8CVSS7.2AI score0.06772EPSS

Exploits0References5

UbuntuCve•added 2020/03/31 5:15 a.m.•41 views

CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

8.8CVSS7.1AI score0.60714EPSS

Exploits0References4

OSV•added 2020/03/31 5:15 a.m.•0 views

UBUNTU-CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

8.8CVSS7.2AI score0.60714EPSS

Exploits0References5

OSV•added 2020/03/31 5:15 a.m.•2 views

UBUNTU-CVE-2020-11111

8.8CVSS7.2AI score0.02082EPSS

Exploits0References5

CVE•added 2020/03/31 4:37 a.m.•432 views

CVE-2020-11111

CVE-2020-11111 involves FasterXML Jackson Databind 2.x before 2.9.10.4, where deserialization gadgets and typing interaction (related to org.apache.activemq.*) are mishandled. This can impact confidentiality, integrity and availability. Affected product is Jackson Databind 2.x prior to 2.9.10.4; ...

8.8CVSS8.3AI score0.02082EPSS

Exploits0References8Affected Software1