Lucene search
K

4276 matches found

RedHat Linux
RedHat Linux
added 2020/06/11 9:3 a.m.2 views

jackson-databind: Serialization gadgets in anteros-core

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.18345EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/06/11 9:3 a.m.3 views

jackson-databind: Serialization gadgets in ibatis-sqlmap

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.18671EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/06/11 9:3 a.m.5 views

jackson-databind: Serialization gadgets in shaded-hikari-config

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.04613EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/06/11 7:9 a.m.2 views

jackson-databind: Serialization gadgets in shaded-hikari-config

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.04613EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/06/11 7:9 a.m.1 views

jackson-databind: Serialization gadgets in ibatis-sqlmap

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.18671EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/06/11 7:9 a.m.3 views

jackson-databind: Serialization gadgets in anteros-core

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.18345EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2020/06/10 9:12 p.m.53 views

jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider aka apache/commons-proxy...

8.8CVSS3.5AI score0.03583EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2020/06/10 9:12 p.m.0 views

GHSA-58PP-9C76-5625 jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider aka apache/commons-proxy...

8.8CVSS7.1AI score0.03583EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2020/06/10 7:23 p.m.2 views

jackson-databind: Serialization gadgets in anteros-core

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.18345EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/06/10 7:23 p.m.2 views

jackson-databind: Serialization gadgets in shaded-hikari-config

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.04613EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/06/10 7:23 p.m.3 views

jackson-databind: Serialization gadgets in ibatis-sqlmap

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.18671EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/06/02 12:0 a.m.2 views

The vulnerability of the Serialization component in Java SE and Java SE Embedded software platforms allows a attacker to trigger a service failure.

The vulnerability of the Serialization component in Java SE and Java SE Embedded software platforms is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to cause service failures through various network protocols...

4.3CVSS6.4AI score0.04211EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2020/06/02 12:0 a.m.5 views

The vulnerability of the Serialization component in Java SE and Java SE Embedded software platforms allows a attacker to trigger a service failure.

The vulnerability of the Serialization component in Java SE and Java SE Embedded software platforms is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to cause service failures through various network protocols...

4.3CVSS6.4AI score0.04211EPSS
Exploits0References11Affected Software6
Veracode
Veracode
added 2020/06/01 5:31 a.m.12 views

Incorrect Account Used For Signing

eth-ledger-bridge-keyring is uses an incorrect account for signing. The vulnerability exists as the account index 0 is always used for signing even if it isn't the current account, after a serialization/deserialization process...

3.2AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/28 9:1 p.m.40 views

Security Bulletin: IBM Planning Analytics has addressed multiple Security Vulnerabilities

Summary This Security Bulletin addresses security vulnerabilities that have been remediated in IBM Planning Analytics 2.0.9.1. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Planning Analytics. These issues were disclosed as part of the IBM Java SDK...

7.2CVSS1.3AI score0.0404EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.9 views

jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03489EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.3 views

jackson-databind: Serialization gadgets in ibatis-sqlmap

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.18671EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.7 views

jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03583EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.4 views

jackson-databind: Serialization gadgets in javax.swing.JEditorPane

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality...

8.8CVSS7.1AI score0.03473EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.11 views

jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.06278EPSS
Exploits0References5
Rows per page
Query Builder