CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4166 matches found

Fedora•added 2017/04/19 3:9 a.m.•9 views

[SECURITY] Fedora 26 Update: jenkins-xstream-1.4.7-11.jenkins1.fc26

XStream is a simple library to serialize objects to XML and back again. A high level facade is supplied that simplifies common use cases. Custom objects can be serialized without need for specifying mappings. Speed and low memory footprint are a crucial part of the design, making it suitable for...

0.2AI score

Exploits0

Fedora•added 2017/04/19 3:9 a.m.•10 views

[SECURITY] Fedora 26 Update: xstream-1.4.9-5.fc26

0.4AI score

Exploits0

seebug.org•added 2017/04/19 12:0 a.m.•118 views

Windows: ManagementObject Arbitrary .NET Serialization RCE（CVE-2017-0160）

Windows: ManagementObject Arbitrary .NET Serialization RCE Platform: .NET 4.6, Powershell 4. Tested between Server 2016 and Windows 10 Anniversary Edition Class: Remote Code Execution Summary: Accessing a compromised WMI server over DCOM using System.Management classes or the Powershell...

10CVSS8.3AI score0.3014EPSS

Exploits11

Prion•added 2017/04/11 4:59 p.m.•22 views

Out-of-bounds

The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service out-of-bounds read and application crash via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627...

5CVSS6.3AI score0.0127EPSS

Exploits2References14Affected Software3

OSV•added 2017/04/11 4:59 p.m.•1 views

DEBIAN-CVE-2016-4483

7.5CVSS8.8AI score0.0127EPSS

Exploits2References1

Cvelist•added 2017/04/11 4:0 p.m.•23 views

CVE-2016-4483

6.9AI score0.0127EPSS

Exploits2References14

CVE•added 2017/04/11 4:0 p.m.•165 views

CVE-2016-4483

CVE-2016-4483 is a libxml2 serialization bug: xmlBufAttrSerializeTxtContent can trigger an out-of-bounds read when a non-UTF-8 attribute value is serialized, leading to a denial of service. Connected records note related follow-ons: CVE-2016-9598 (and CVE-2016-9596) describe DoS/out-of-bounds sce...

7.5CVSS7.2AI score0.0127EPSS

Exploits2References14Affected Software1

myhack58•added 2017/04/07 12:0 a.m.•160 views

Java AMF3 deserialization vulnerability analysis-vulnerability warning-the black bar safety net

AMF Action Message Format is a binary serialization format, before the main Flash application in using this format. Recently, the Code White found to have multiple Java AMF library in the presence of vulnerabilities, and these vulnerabilities will lead to unauthenticated remote code execution...

5CVSS7.4AI score0.13331EPSS

Exploits2

seebug.org•added 2017/03/21 12:0 a.m.•51 views

GitLab permission leak Vulnerability, CVE-2017-0882）

Information Disclosure in Issue and Merge Request Trackers During an internal code review a critical vulnerability in the GitLab Issue and Merge Request trackers was discovered. This vulnerability could allow a user with access to assign ownership of an issue or merge request to another user to...

4CVSS6AI score0.00183EPSS

Exploits2

Veracode•added 2017/03/14 6:17 a.m.•31 views

Arbitrary Code Execution Via Serialization

QOS.ch Logback is vulnerable to arbitrary code execution via serialization. It is possible to write untrusted objects from the Logger, allowing arbitrary code execution...

9.8CVSS9.6AI score0.10144EPSS

Exploits0References22Affected Software224