7 matches found
EUVD-2026-32895
Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection albeit heavily restricted. More precisely, an attacker able to influence serialized data sent to SimpleSocketServer or SimpleSSLSocketServer c...
CVE-2026-9828
Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection albeit heavily restricted. More precisely, an attacker able to influence serialized data sent to SimpleSocketServer or SimpleSSLSocketServer c...
CVE-2026-9828 Logback deserialization whitelist bypass for java.lang and java.util
Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection albeit heavily restricted. More precisely, an attacker able to influence serialized data sent to SimpleSocketServer or SimpleSSLSocketServer c...
Amazon Corretto Java 17.x < 17.0.7.7.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 17 17.0.7.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2023-Apr-18 advisory. - security-libs/javax.net.ssl CVE-2023-21930, CVE-2023-21967 - core-libs/java.net CVE-2023-21937 -...
OSV-2022-733 Security exception in jaz.Zer.<clinit>
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50374 Crash type: Security exception Crash state: jaz.Zer. java.base/java.lang.Class.forName0 java.base/java.lang.Class.forName...
Amazon Corretto Java 11.x < 11.0.5.10.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 11 11.0.5.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2019-Oct-15 advisory. - security-libs/javax.net.ssl CVE-2019-2894, CVE-2019-2949 - core-libs CVE-2019-2933 -...
JDK: java.lang.class code execution
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics...