9 matches found

Github Security Blog
added 2022/05/13 1:36 a.m. | 41 views

Deserialization of Untrusted Data in Jenkins

Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs SECURITY-383...

CVSS 8.8 | AI score 8.8 | EPSS 0.02976
Exploits: 1 | References: 6 | Affected Software: 1

Tenable Nessus
added 2022/04/01 12:0 a.m. | 140 views

Amazon Corretto Java 11.x < 11.0.13.8.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 11 11.0.13.8.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2021-Oct-19 advisory. - security-libs/javax.net.ssl CVE-2021-35550, CVE-2021-35578, CVE-2021-35603 -...

CVSS 7.1 | AI score 6.3 | EPSS 0.00176
Exploits: 0 | References: 12

Tenable Nessus
added 2022/04/01 12:0 a.m. | 304 views

Amazon Corretto Java 8.x < 8.312.07.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 8 8.312.07.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2021-Oct-19 advisory. - security-libs/javax.net.ssl CVE-2021-35550, CVE-2021-35578, CVE-2021-35603 - client-libs/javax.swing...

CVSS 7.1 | AI score 6.3 | EPSS 0.00176
Exploits: 0 | References: 12

Tenable Nessus
added 2022/04/01 12:0 a.m. | 149 views

Amazon Corretto Java 17.x < 17.0.2.8.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 17 17.0.2.8.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2022-Jan-18 advisory. - core-libs/java.io:serialization CVE-2022-21248, CVE-2022-21341 - client-libs/javax.imageio...

CVSS 5.3 | AI score 6.2 | EPSS 0.05612
Exploits: 0 | References: 16

NVD
added 2018/05/15 8:29 p.m. | 17 views

CVE-2017-2608

Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs SECURITY-383...

CVSS 8.8 | AI score 9 | EPSS 0.02976
Exploits: 1 | References: 4

CVE
added 2018/05/15 8:0 p.m. | 198 views

CVE-2017-2608

CVE-2017-2608 is a remote-code-execution vulnerability in Jenkins via deserialization in XStream-based APIs (javax.imageio). Affected are Jenkins versions before 2.44 and 2.32.2 (as listed in multiple advisories). The flaw arises from improper validation of user-supplied input before deserializat...

CVSS 8.8 | AI score 7.1 | EPSS 0.02976
Exploits: 1 | References: 4 | Affected Software: 1

Cvelist
added 2018/05/15 8:0 p.m. | 19 views

CVE-2017-2608

Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs SECURITY-383...

CVSS 8.8 | AI score 6.5 | EPSS 0.02976
Exploits: 1 | References: 4

canvas
added 2018/01/05 2:29 p.m. | 691 views

Immunity Canvas: JENKINS_XSTREAM_RCE

Name | jenkinsxstreamrce
---|---
CVE | CVE-2017-2068
Exploit Pack | CANVAS
Description | jenkinsxstreamrce
Notes | CVE Name: CVE-2017-2068 VENDOR: Jenkins NOTES: XStream-based APIs in Jenkins CI previous to version 2.44 are vulnerable to a remote code execution vulnerability involving the...

AI score 7.3
Exploits: 1

RedhatCVE
added 2017/02/02 3:19 p.m. | 25 views

CVE-2017-2608

Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs SECURITY-383...

CVSS 8.8 | AI score 6.2 | EPSS 0.02976
Exploits: 1 | References: 2