Lucene search
K

4273 matches found

RedHat Linux
RedHat Linux
added 2020/04/21 12:35 p.m.71 views

Important: Red Hat Security Advisory: rh-maven35-jackson-databind security update

An update for rh-maven35-jackson-databind is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

8.8CVSS7.2AI score0.06278EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/04/21 12:35 p.m.3 views

jackson-databind: Serialization gadgets in javax.swing.JEditorPane

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality...

8.8CVSS7.1AI score0.03473EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/21 12:35 p.m.3 views

jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03489EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/04/21 12:35 p.m.3 views

jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider

A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03538EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/21 11:39 a.m.4 views

OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS7.3AI score0.04211EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/21 11:26 a.m.101 views

Important: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

8.3CVSS6.7AI score0.0623EPSS
Exploits0References14
RedHat Linux
RedHat Linux
added 2020/04/21 10:29 a.m.117 views

Important: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.3CVSS6.7AI score0.0623EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2020/04/21 10:29 a.m.5 views

OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS7.3AI score0.04211EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/21 10:28 a.m.2 views

OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS7.3AI score0.04211EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/21 9:40 a.m.5 views

OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS7.3AI score0.04211EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/04/21 12:0 a.m.51 views

RHEL 7 : java-1.8.0-openjdk (RHSA-2020:1512)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1512 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

8.3CVSS6.8AI score0.0623EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2020/04/21 12:0 a.m.59 views

RHEL 6 : java-1.7.0-openjdk (RHSA-2020:1508)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1508 advisory. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security...

8.3CVSS6.8AI score0.0623EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2020/04/21 12:0 a.m.45 views

RHEL 7 : java-1.7.0-openjdk (RHSA-2020:1507)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1507 advisory. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security...

8.3CVSS6.8AI score0.0623EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2020/04/20 12:0 a.m.58 views

Debian DLA-2179-1 : jackson-databind security update

Following CVEs were reported against the jackson-databind source package : CVE-2020-10968 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider aka bus-proxy. CVE-2020-10969...

8.8CVSS8AI score0.06278EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2020/04/18 12:0 a.m.31 views

Debian: Security Advisory (DLA-2179-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.06278EPSS
Exploits0References3
Snyk
Snyk
added 2020/04/17 12:0 a.m.5 views

Malicious Package

Overview array-xml-serialization is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/04/16 7:46 p.m.2 views

jackson-databind: serialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.5. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.1CVSS7.1AI score0.08072EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/16 7:46 p.m.4 views

jackson-databind: Serialization gadgets in org.springframework:spring-aop

A flaw was found in jackson-databind 2.x. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.1CVSS7.1AI score0.03607EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/16 7:46 p.m.3 views

jackson-databind: serialization in weblogic/oracle-aqjms

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.5. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.1CVSS7.1AI score0.04421EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/16 7:46 p.m.1 views

jackson-databind: serialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.5. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.1CVSS7.1AI score0.08607EPSS
Exploits0References4
Rows per page
Query Builder