Lucene search
K

36 matches found

Nuclei
Nuclei
added 7 hours ago26 views

FasterXML jackson-databind - Deserialization Remote Code Execution

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig aka ibatis-sqlmap. This vulnerability allows attackers to execute arbitrary code through deserialization of...

9.8CVSS7.3AI score0.18671EPSS
Exploits0References3
Circl
Circl
added 2025/06/26 9:2 p.m.10 views

CVE-2020-9547

creationtimestamp| type| source ---|---|--- 2025-06-26 21:02:25+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lsjzkcz3wo26 2025-07-10 21:02:24+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3ltna3d5u6523 2025-12-13 20:32:11+00:00| seen|...

9.8CVSS8.5AI score0.18671EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.5 views

SUSE CVE-2020-9547

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig aka ibatis-sqlmap...

9.8CVSS8AI score0.18671EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2022/05/14 11:39 a.m.47 views

CVE-2020-9547

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS2.3AI score0.18671EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2021-0153)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.45205EPSS
Exploits10References17
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/06 2:34 p.m.44 views

Security Bulletin: Jackson-Databind Vulnerabilities Affect the B2B API of IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator has integrated multiple security vulnerability fixes from Jackson Databind, please see list of CVEs for vulnerability details Vulnerability Details CVEID: CVE-2020-9547 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary...

9.8CVSS1.8AI score0.45205EPSS
Exploits26Affected Software1
Ubuntu
Ubuntu
added 2021/03/15 9:47 p.m.83 views

USN-4813-1: Jackson Databind vulnerabilities

It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information. CVE-2018-11307, CVE-2019-12086, CVE-2019-12814 It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could...

10CVSS7.4AI score0.45205EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.243 views

CentOS 8 : pki-core:10.6 and pki-deps:10.6 (CESA-2020:1644)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1644 advisory. - jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig CVE-2019-14540 - jackson-databind: Serialization gadgets in...

9.8CVSS7.8AI score0.26587EPSS
Exploits6References8
RedHat Linux
RedHat Linux
added 2020/09/17 1:7 p.m.95 views

Important: Red Hat Security Advisory: Red Hat Data Grid 7.3.7 security update

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS7.3AI score0.26587EPSS
Exploits5References27
Tenable Nessus
Tenable Nessus
added 2020/09/08 12:0 a.m.72 views

RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 6 (RHSA-2020:3637)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3637 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat JBoss Enterprise Application Platfor...

9.8CVSS7.5AI score0.26587EPSS
Exploits5References65
Tenable Nessus
Tenable Nessus
added 2020/09/08 12:0 a.m.61 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 8 (RHSA-2020:3639)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3639 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat JBoss Enterprise Application Platfor...

9.8CVSS7.5AI score0.26587EPSS
Exploits5References65
Tenable Nessus
Tenable Nessus
added 2020/09/08 12:0 a.m.46 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 7 (RHSA-2020:3638)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3638 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat JBoss Enterprise Application Platfor...

9.8CVSS7.5AI score0.26587EPSS
Exploits5References65
RedHat Linux
RedHat Linux
added 2020/09/07 1:5 p.m.106 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7AI score0.26587EPSS
Exploits5References44
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/04 6:51 p.m.45 views

Security Bulletin: jackson-databind (Publicly disclosed vulnerability) found in Network Performance Insight

Summary jackson-databind Publicly disclosed vulnerability found in Network Performance Insight Vulnerability Details CVEID: CVE-2020-9547 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between...

9.8CVSS1.3AI score0.18671EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/29 6:21 a.m.95 views

Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.8.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.8CVSS7.5AI score0.87806EPSS
Exploits11References35
RedHat Linux
RedHat Linux
added 2020/07/29 6:6 a.m.99 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.8.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.8CVSS7.4AI score0.87806EPSS
Exploits10References34
RedHat Linux
RedHat Linux
added 2020/07/28 3:54 p.m.117 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.7.0 release and security update

A minor version update from 7.6 to 7.7 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

10CVSS7.2AI score0.58373EPSS
Exploits16References50
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 5:7 p.m.50 views

Security Bulletin: Multiple Security Vulnerabilities in Jackson-databind Affect IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator has addressed multiple security vulnerabilities in jackson-databind Vulnerability Details CVEID: CVE-2020-8840 DESCRIPTION: An unspecified error with the lack of certain xbean-reflect/JNDI blocking in FasterXML jackson-databind has an unknown impact and attack...

9.8CVSS2.3AI score0.26587EPSS
Exploits5Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/02 1:21 p.m.88 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.1 security update

A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.4AI score0.99019EPSS
Exploits16References13
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/19 5:7 a.m.48 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in FasterXML jackson-databind

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of FasterXML jackson-databind. Vulnerability Details CVEID: CVE-2020-8840 DESCRIPTION: An unspecified error with the lack of certain xbean-reflect/JNDI blocking in FasterXML jackson-databind has an unknown impac...

9.8CVSS1.3AI score0.26587EPSS
Exploits5Affected Software1
Rows per page
Query Builder