Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

857 matches found

NVD
NVDadded 2019/01/02 6:29 p.m.18 views

CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization...

9.8CVSS8.8AI score0.02435EPSS
Exploits0References37
OSV
OSVadded 2019/01/02 6:29 p.m.1 views

DEBIAN-CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization...

9.8CVSS9.3AI score0.02435EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2019/01/02 6:29 p.m.32 views

CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization...

9.8CVSS7.2AI score0.02435EPSS
Exploits0References6
OSV
OSVadded 2019/01/02 6:29 p.m.24 views

CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization...

9.8CVSS9.7AI score
Exploits0References37
OSV
OSVadded 2019/01/02 6:29 p.m.24 views

CVE-2018-19362

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization...

9.8CVSS9.7AI score
Exploits0References38
Prion
Prionadded 2019/01/02 6:29 p.m.24 views

Deserialization of untrusted data

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization...

7.5CVSS9.4AI score0.06658EPSS
Exploits0References37Affected Software12
OSV
OSVadded 2019/01/02 6:29 p.m.1 views

UBUNTU-CVE-2018-19362

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization...

9.8CVSS7.3AI score0.04124EPSS
Exploits0References7
CVE
CVEadded 2019/01/02 6:0 p.m.401 views

CVE-2018-19360

CVE-2018-19360 affects FasterXML jackson-databind 2.x before 2.9.8, where failure to block the axis2-transport-jms class enables polymorphic deserialization with unspecified impact. IBM/Cloudera docs corroborate related deserialization flaws across jackson-databind versions and list remediation a...

9.8CVSS8.8AI score0.06658EPSS
Exploits0References37Affected Software1
Cvelist
Cvelistadded 2019/01/02 6:0 p.m.21 views

CVE-2018-19362

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization...

8.8AI score0.04124EPSS
Exploits0References38
Cvelist
Cvelistadded 2019/01/02 6:0 p.m.21 views

CVE-2018-14720

FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity XXE attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization...

9.5AI score0.03348EPSS
Exploits0References32
Cvelist
Cvelistadded 2019/01/02 6:0 p.m.25 views

CVE-2018-14719

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization...

9.8AI score0.03461EPSS
Exploits0References31
Debian CVE
Debian CVEadded 2019/01/02 6:0 p.m.41 views

CVE-2018-14719

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization...

9.8CVSS9.6AI score0.03461EPSS
Exploits0
Debian CVE
Debian CVEadded 2019/01/02 6:0 p.m.31 views

CVE-2018-14721

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery SSRF attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization...

10CVSS9.9AI score0.09436EPSS
Exploits0
Cvelist
Cvelistadded 2019/01/02 6:0 p.m.25 views

CVE-2018-14718

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization...

9.8AI score0.14515EPSS
Exploits0References35
Debian CVE
Debian CVEadded 2019/01/02 6:0 p.m.43 views

CVE-2018-14720

FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity XXE attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization...

9.8CVSS9.8AI score0.03348EPSS
Exploits0
Debian CVE
Debian CVEadded 2019/01/02 6:0 p.m.31 views

CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization...

9.8CVSS10AI score0.02435EPSS
Exploits0
CVE
CVEadded 2019/01/02 6:0 p.m.210 views

CVE-2018-19362

CVE-2018-19362: A vulnerability in Jackson Databind (FasterXML) affects 2.x prior to 2.9.8, due to failure to block the jboss-common-core class in polymorphic deserialization. The IBM doc lists an unknown impact/attack vector with a base score of 5.3 and notes the issue as an unspecified deserial...

9.8CVSS8.8AI score0.04124EPSS
Exploits0References38Affected Software1
Cvelist
Cvelistadded 2019/01/02 6:0 p.m.19 views

CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization...

8.8AI score0.02435EPSS
Exploits0References37
CVE
CVEadded 2019/01/02 6:0 p.m.413 views

CVE-2018-19361

CVE-2018-19361 is listed in the IBM Cloudera Observability bulletin as affecting Cloudera Observability on Premises 3.5.3, with remediation in 3.6.2. Description from the bulletin notes that FasterXML jackson-databind 2.x before 2.9.8 allows polymorphic deserialization via the openjpa class, yiel...

9.8CVSS8.8AI score0.02435EPSS
Exploits0References37Affected Software1
Debian CVE
Debian CVEadded 2019/01/02 6:0 p.m.27 views

CVE-2018-19360

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization...

9.8CVSS10AI score0.06658EPSS
Exploits0
Rows per page
Query Builder