Lucene search
K

44 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : pki-core:10.6 (AXSA:2020-931:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-931:01 advisory. jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig CVE-2019-14540 jackson-databind: Serialization gadgets in...

9.8CVSS8.4AI score0.10676EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-0658

Malware in sbrugna...

9.8CVSS7.8AI score0.04918EPSS
Exploits0References62
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.11 views

Alibaba Cloud Linux 3 : 0020: pki-core:10.6 (ALINUX3-SA-2021:0020)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0020 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-12086: A Polymorphic Typing issue...

9.8CVSS7.3AI score0.26587EPSS
Exploits9References17
Rosalinux
Rosalinux
added 2025/01/28 6:31 p.m.29 views

Advisory ROSA-SA-2025-2629

software: jackson-databind 2.9.9.3 OS: ROSA-CHROME packageevrstring: jackson-databind-2.9.9.9.3 CVE-ID: CVE-2019-14540 BDU-ID: 2019-04085 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the FasterXML com.zaxxer.hikari.HikariConfig function of the Java library for grammar parsing JSON files...

9.8CVSS9.1AI score0.10676EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 4:9 a.m.10 views

SUSE CVE-2019-14540

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig...

7.5CVSS9.2AI score0.10676EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/01 9:46 p.m.85 views

Security Bulletin: Vulnerability in jackson-databind affects IBM Process Mining (Multiple CVEs)

Summary There is a vulnerability in jackson-databind that could allow a local attacker to launch a symlink attack. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2020-36182 DESCRIPTION:...

10CVSS9.1AI score0.45205EPSS
Exploits26Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2021-0153)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.45205EPSS
Exploits10References17
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/18 3:42 p.m.52 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has patched several open source dependencies

Summary IBM Cloud Pak for Multicloud Management Monitoring has patched several open source dependencies that were inadvertently missed during previous scans. Vulnerability Details CVEID: CVE-2021-21409 DESCRIPTION: Netty is vulnerable to request smuggling, caused by improper validation of request...

9.8CVSS9.2AI score0.49727EPSS
Exploits21Affected Software1
Mageia
Mageia
added 2021/03/27 2:27 p.m.220 views

Updated jackson-databind packages fix security vulnerabilities

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint, the service has the mysql-connector-java jar 8.0.14 or earlier in the classpath, and an...

9.8CVSS1.3AI score0.45205EPSS
Exploits10References15
Ubuntu
Ubuntu
added 2021/03/15 9:47 p.m.81 views

USN-4813-1: Jackson Databind vulnerabilities

It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information. CVE-2018-11307, CVE-2019-12086, CVE-2019-12814 It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could...

10CVSS7.4AI score0.45205EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.242 views

CentOS 8 : pki-core:10.6 and pki-deps:10.6 (CESA-2020:1644)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1644 advisory. - jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig CVE-2019-14540 - jackson-databind: Serialization gadgets in...

9.8CVSS7.8AI score0.26587EPSS
Exploits6References8
RedHat Linux
RedHat Linux
added 2020/07/28 3:54 p.m.117 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.7.0 release and security update

A minor version update from 7.6 to 7.7 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

10CVSS7.2AI score0.58373EPSS
Exploits16References50
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.310 views

Important: Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 19 security update

This is a security update for JBoss EAP Continuous Delivery 19. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8CVSS7.3AI score0.28839EPSS
Exploits7References45
RedHat Linux
RedHat Linux
added 2020/05/26 4:9 p.m.76 views

Important: Red Hat Security Advisory: Red Hat Data Grid 7.3.6 security update

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS6.8AI score0.28839EPSS
Exploits6References16
AlmaLinux
AlmaLinux
added 2020/04/28 9:0 a.m.57 views

Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update

The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig CVE-2019-14540 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource...

9.8CVSS9.4AI score0.26587EPSS
Exploits6References13
OSV
OSV
added 2020/04/28 9:0 a.m.39 views

ALSA-2020:1644 Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update

The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig CVE-2019-14540 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource...

9.8CVSS9.2AI score0.26587EPSS
Exploits6References13
RedHat Linux
RedHat Linux
added 2020/03/18 5:36 p.m.332 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.7.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.8CVSS7AI score0.28839EPSS
Exploits2References14
RedHat Linux
RedHat Linux
added 2020/03/18 2:51 p.m.89 views

Moderate: Red Hat Security Advisory: Red Hat Process Automation Manager 7.7.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.8CVSS7.1AI score0.10676EPSS
Exploits1References13
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/18 4:10 a.m.32 views

Security Bulletin: A vulnerability has been identified in FasterXML Jackson library shipped with IBM Tivoli Netcool/OMNIbus Common Integration Libraries (CVE-2019-14540)

Summary FasterXML Jackson library is shipped as a component of IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library and Transformer for Message Bus Integration. Information about security vulnerabilities affecting FasterXML Jackson library has been published. Vulnerability Detai...

9.8CVSS1.5AI score0.10676EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/13 3:2 a.m.37 views

Security Bulletin: Vulnerabilities affect IBM Network Performance Insight (CVE-2019-14379, CVE-2019-17531, CVE-2019-14439 and CVE-2019-14540)

Summary IBM Network Performance Insight has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-14379 DESCRIPTION: SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used because of...

9.8CVSS0.3AI score0.10763EPSS
Exploits1Affected Software1
Rows per page
Query Builder