Lucene search
K

27 matches found

SUSE CVE
SUSE CVE
added 2026/06/25 2:19 a.m.10 views

SUSE CVE-2026-54514

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.0.0 until 2.18.8, 2.21.4, and 3.1.4, JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddresshost, port, which performs eager DNS name resolution fo...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/23 9:22 p.m.15 views

Server-side Request Forgery (SSRF)

Overview com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the JDKFromStringDeserializer class,...

6.9CVSS5.8AI score0.00219EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 9:17 p.m.4 views

UBUNTU-CVE-2026-54514

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.0.0 until 2.18.8, 2.21.4, and 3.1.4, JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddresshost, port, which performs eager DNS name resolution fo...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/23 8:51 p.m.9 views

CVE-2026-54514

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.0.0 until 2.18.8, 2.21.4, and 3.1.4, JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddresshost, port, which performs eager DNS name resolution fo...

5.3CVSS5.9AI score0.00219EPSS
Exploits0
CVE
CVE
added 2026/06/23 8:51 p.m.133 views

CVE-2026-54514

CVE-2026-54514 affects jackson-databind’s InetSocketAddress handling during deserialization. From 2.0.0 up to fixes in 2.18.8, 2.21.4, and 3.1.4, JDKFromStringDeserializer constructed InetSocketAddress(host, port), causing eager DNS resolution at readValue time and enabling an attacker to trigger...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/23 8:51 p.m.10 views

EUVD-2026-38592

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.0.0 until 2.18.8, 2.21.4, and 3.1.4, JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddresshost, port, which performs eager DNS name resolution fo...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.17 views

PT-2026-51597

Name of the Vulnerable Software and Affected Versions jackson-databind versions 2.0.0 through 2.18.7 jackson-databind versions 2.19.0 through 2.21.3 jackson-databind versions 3.0.0 through 3.1.3 Description The JDKFromStringDeserializer function constructs InetSocketAddress using new...

5.3CVSS5.8AI score0.00219EPSS
Exploits0References33
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.11 views

SUSE CVE-2026-43038

In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inetskbparm. When skb is cloned into skb2 and...

5.5CVSS5.8AI score0.00255EPSS
Exploits0References22
AstraLinux
AstraLinux
added 2026/03/03 9:29 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: tcpbpf: The function tcpbpfsendverdict fails to allocate psock-cork when called, and skmsgfree must be called instead. The issue was reported by syzbot as follows: 0 The reproduction of the issue involves the following steps: 1...

7.8CVSS6AI score0.00171EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002455)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002455 advisory. The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between ...

6.9CVSS6.6AI score0.02103EPSS
Exploits6References26
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.4 views

PT-2025-49641

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3.0-rc4-01174-gb5d54eb5899a 7 Description The Linux kernel contains a use-after-free issue within the tcp write timer handler function. This occurs when the SMC SMC socket creates a kernel socket and the kernel...

6.4AI score0.00162EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/10/29 3:15 p.m.4 views

kernel: mptcp: do not queue data on closed subflows

In the Linux kernel, the following vulnerability has been resolved: mptcp: do not queue data on closed subflows Dipanjan reported a syzbot splat at close time: WARNING: CPU: 1 PID: 10818 at net/ipv4/afinet.c:153 inetsockdestruct+0x6d0/0x8e0 net/ipv4/afinet.c:153 Modules linked in: uioivshmemOE ui...

7.8CVSS6.8AI score0.00216EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-55340

Malicious code in bioql PyPI...

6.3AI score0.00201EPSS
Exploits0References2
OSV
OSV
added 2025/07/28 12:15 p.m.3 views

DEBIAN-CVE-2025-38475

In the Linux kernel, the following vulnerability has been resolved: smc: Fix various oops due to inetsock type confusion. syzbot reported weird splats 01 in cipsov4socksetattr while freeing inetsksk-inetopt. The address was freed multiple times even though it was read-only memory...

5.5CVSS5.6AI score0.00135EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/28 11:21 a.m.3 views

CVE-2025-38475

In the Linux kernel, the following vulnerability has been resolved: smc: Fix various oops due to inetsock type confusion. syzbot reported weird splats 01 in cipsov4socksetattr while freeing inetsksk-inetopt. The address was freed multiple times even though it was read-only memory...

5.5CVSS6.1AI score0.00135EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.2 views

kernel: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx

In the Linux kernel, the following vulnerability has been resolved: bpf: Add skisinet and ISICSK check in tlsswhasctxtx/rx As the introduction of the support for vsock and unix sockets in sockmap, tlsswhasctxtx/rx cannot presume the socket passed in must be ISICSK. vsock and afunix sockets have...

5.5CVSS6.8AI score0.00221EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2023/02/21 7:0 p.m.33 views

K15482: Linux kernel vulnerability CVE-2014-4943

Security Advisory Description The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. CVE-2014-4943 Impact None. No F5 products are affected by this...

6.9CVSS6.3AI score0.02103EPSS
Exploits6
Debian CVE
Debian CVE
added 2014/07/19 7:0 p.m.45 views

CVE-2014-4943

The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket...

6.9CVSS6.8AI score0.02103EPSS
Exploits6
RedHat Linux
RedHat Linux
added 2013/10/23 4:26 p.m.8 views

OpenJDK: InetSocketAddress serialization issue (Networking, 7201071)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information...

5CVSS7.4AI score0.04875EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2013/09/18 12:0 a.m.41 views

Debian Security Advisory DSA 2389-1 (linux-2.6 - privilege escalation/denial of service/information leak)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-2183Andrea Righi reported an issue in KSM, a memory-saving de-duplication...

6.9CVSS0.2AI score0.08793EPSS
Exploits9References1
Rows per page
Query Builder