2 matches found
CVE-2025-36274 IBM Aspera HTTP Gateway information disclosure
IBM Aspera HTTP Gateway 2.0.0 through 2.3.1 stores sensitive information in clear text in easily obtainable files which can be read by an unauthenticated user...
jackson-databind: Lacks certain xbean-reflect/JNDI blocking
A flaw was found in FasterXML jackson-databind in versions 2.0.0 through 2.9.10.2. A "gadget" exploit is possible due to a lack of a Java object being blocking from being deserialized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabili...