CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

792 matches found

FasterXML Jackson Databind <=2.9.10.4 - Remote Code Execution

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig aka anteros-core. id: CVE-2020-9548 info: name: FasterXML Jackson Databind =2.9.10.4 - Remote Code Execution author: tomaquet18...

9.8CVSS7.1AI score0.62015EPSS

Exploits0References5

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в jackson-databind

FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool...

8.1CVSS6.9AI score0.02241EPSS

Exploits1References1

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

8.8CVSS7AI score0.07471EPSS

Exploits1References2

AstraLinux•added 2026/05/20 5:53 a.m.•8 views

Astra Linux - уязвимость в jackson-databind

FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...

8.8CVSS6.8AI score0.0295EPSS

Exploits2References1

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource...

8.1CVSS7AI score0.0295EPSS

Exploits1References1

Tenable Nessus•added 2026/05/11 12:0 a.m.•6 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017607)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017607 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS6.8AI score0.02335EPSS

Exploits1References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•5 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017526)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017526 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS6.9AI score0.0295EPSS

Exploits1References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•6 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017619)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017619 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS5.8AI score0.02241EPSS

Exploits1References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•5 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017611)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017611 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.8CVSS6.8AI score0.0295EPSS

Exploits2References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•7 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017585)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017585 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.8CVSS7.3AI score0.03194EPSS

Exploits2References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•4 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017510)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017510 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS7AI score0.06186EPSS

Exploits1References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•7 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017518)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017518 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS6.9AI score0.04249EPSS

Exploits1References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•6 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017578)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017578 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS5.8AI score0.04276EPSS

Exploits1References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•5 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017597)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017597 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.8CVSS5.8AI score0.61883EPSS

Exploits2References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•8 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017505)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017505 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS7.1AI score0.42315EPSS

Exploits0References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•7 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017603)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017603 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.8CVSS7.3AI score0.05862EPSS

Exploits2References4

SUSE CVE•added 2026/05/07 2:17 a.m.•3 views

SUSE CVE-2026-43136

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Check maxfield in hidppgetreportlength Do not crash when a report has no fields. Fake USB gadgets can send their own HID report descriptors and can define report structures without valid fields. This can be...

5.7AI score0.00013EPSS

Exploits0References3

NVD•added 2026/05/06 12:16 p.m.•0 views

CVE-2026-43136

5.5CVSS0.00013EPSS

Exploits0References8

Cvelist•added 2026/05/06 11:27 a.m.•22 views

CVE-2026-43136 HID: logitech-hidpp: Check maxfield in hidpp_get_report_length()

0.00013EPSS

Exploits0References8

CVE•added 2026/05/06 11:27 a.m.•3 views

CVE-2026-43136

The CVE-2026-43136 issue affects the Linux kernel HID subsystem (logitech-hidpp) where fake USB devices could craft HID report descriptors without valid fields, potentially crashing the kernel over USB. The root cause is a missing validation in hidpp_get_report_length() that allowed reports with ...

5.5CVSS5.7AI score0.00013EPSS

Exploits0References8Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by