Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Tenable Nessus
Tenable Nessusadded 2026/06/02 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-10532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection, albe...

6.3CVSS6.3AI score0.00342EPSS
Exploits0References3
OSV
OSVadded 2026/05/28 2:16 p.m.3 views

DEBIAN-CVE-2026-9828

Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection albeit heavily restricted. More precisely, an attacker able to influence serialized data sent to SimpleSocketServer or SimpleSSLSocketServer c...

6.3CVSS6.4AI score0.0037EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/28 12:52 p.m.15 views

EUVD-2026-32895

Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection albeit heavily restricted. More precisely, an attacker able to influence serialized data sent to SimpleSocketServer or SimpleSSLSocketServer c...

2.1CVSS6.4AI score0.0037EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/28 12:0 a.m.5 views

PT-2026-44381

Name of the Vulnerable Software and Affected Versions logback versions prior to 1.5.33 Description Deserialization of untrusted data in the HardenedObjectInputStream module of logback-core allows for restricted Object Injection. An attacker capable of influencing serialized data sent to the...

6.3CVSS6.4AI score0.0037EPSS
Exploits0References10
BDU FSTEC
BDU FSTECadded 2022/02/10 12:0 a.m.4 views

The vulnerability of the logback logging library, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code.

The vulnerability of the logback logging library is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

8.5CVSS7.2AI score0.04439EPSS
Exploits1References6Affected Software5
BDU FSTEC
BDU FSTECadded 2019/11/25 12:0 a.m.3 views

The vulnerability of the Jackson-databind library, related to its inability to lock the logback-core class from polymorphic deserialization, allows a hacker to execute arbitrary code.

The vulnerability of the Jackson-databind library is related to its inability to prevent the logback-core class from being polymorphic deserialized. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.1CVSS7.3AI score0.45205EPSS
Exploits2References5Affected Software5
RedHat Linux
RedHat Linuxadded 2018/10/16 5:38 p.m.3 views

logback: Serialization vulnerability in SocketServer and ServerSocketReceiver

It was found that logback is vulnerable to a deserialization issue. Logback can be configured to allow remote logging through SocketServer/ServerSocketReceiver interfaces that can accept untrusted serialized data. Authenticated attackers on the adjacent network can leverage this vulnerability to...

9.8CVSS7.8AI score0.08611EPSS
Exploits0References4
Rows per page
Query Builder