Lucene search
K

4274 matches found

RedHat Linux
RedHat Linux
added 2020/04/16 7:46 p.m.1 views

jackson-databind: serialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.5. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.1CVSS7.1AI score0.08607EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/16 7:46 p.m.3 views

jackson-databind: Serialization gadgets in javax.swing.JEditorPane

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality...

8.8CVSS7.1AI score0.03473EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/16 7:46 p.m.6 views

jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider

A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03538EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/16 7:46 p.m.3 views

jackson-databind: Serialization gadgets in ibatis-sqlmap

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.18671EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/16 7:46 p.m.2 views

jackson-databind: Serialization gadgets in shaded-hikari-config

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.04613EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/16 7:46 p.m.3 views

jackson-databind: Serialization gadgets in anteros-core

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.18345EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/04/16 12:0 a.m.86 views

Oracle Java SE 1.7.0_261 / 1.8.0_251 / 1.11.0_7 / 1.14.0_1 Multiple Vulnerabilities (Apr 2020 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 7 Update 261, 8 Update 251, 11 Update 7, or 14 Update 1. It is, therefore, affected by multiple vulnerabilities related to the following components : - Oracle Java SE and Java SE Embedded are...

8.3CVSS6.9AI score0.0623EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2020/04/16 12:0 a.m.1465 views

Oracle Java SE 1.7.0_261 / 1.8.0_251 / 1.11.0_7 / 1.14.0_1 Multiple Vulnerabilities (Apr 2020 CPU) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 7 Update 261, 8 Update 251, 11 Update 7, or 14 Update 1. It is, therefore, affected by multiple vulnerabilities related to the following components : - Oracle Java SE and Java SE Embedded are...

8.3CVSS6.9AI score0.0623EPSS
Exploits0References17
CNVD
CNVD
added 2020/04/16 12:0 a.m.2 views

Unspecified Vulnerability in Oracle Java SE and Java SE Embedded Serialization Component

Oracle Java SE and Oracle Java SE Embedded are both products of Oracle Corporation.Oracle Java SE is a Java platform for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle Java SE Embedded is a Java platform that targets Java...

4.3CVSS8.5AI score0.04211EPSS
Exploits0References1
OSV
OSV
added 2020/04/15 2:15 p.m.2 views

DEBIAN-CVE-2020-2757

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.7CVSS5.8AI score0.04211EPSS
Exploits0References1
OSV
OSV
added 2020/04/15 2:15 p.m.1 views

UBUNTU-CVE-2020-2757

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.7CVSS6.6AI score0.04211EPSS
Exploits0References4
OSV
OSV
added 2020/04/15 2:15 p.m.1 views

UBUNTU-CVE-2020-2756

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.7CVSS6.7AI score0.04211EPSS
Exploits0References4
Prion
Prion
added 2020/04/15 2:15 p.m.22 views

Design/Logic Flaw

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS4AI score0.04211EPSS
Exploits0References15Affected Software11
Prion
Prion
added 2020/04/15 2:15 p.m.21 views

Design/Logic Flaw

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS4AI score0.04211EPSS
Exploits0References15Affected Software11
UbuntuCve
UbuntuCve
added 2020/04/15 2:15 p.m.43 views

CVE-2020-2757

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS6.7AI score0.04211EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/04/15 1:29 p.m.22 views

CVE-2020-2757

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.7CVSS4.4AI score0.04211EPSS
Exploits0References15
CVE
CVE
added 2020/04/15 1:29 p.m.403 views

CVE-2020-2757

CVE-2020-2757 affects Oracle Java SE/SE Embedded (Serialization). Vulnerable: Java SE: 7u251, 8u241, 11.0.6, 14; SE Embedded: 8u241. Impact: unauthenticated network access leading to partial DoS on Java SE/SE Embedded. Root cause: serialization-related handling in the affected component; sandboxe...

4.3CVSS4.2AI score0.04211EPSS
Exploits0References15Affected Software2
CVE
CVE
added 2020/04/15 1:29 p.m.384 views

CVE-2020-2756

CVE-2020-2756 affects Oracle Java SE/Java SE Embedded (component: Serialization). Affected: Java SE 7u251, 8u241, 11.0.6, 14; Java SE Embedded 8u241. An unauthenticated, network-exposed attacker can exploit to cause a partial Denial of Service. Connected advisories show remediation via updating t...

4.3CVSS4.2AI score0.04211EPSS
Exploits0References15Affected Software2
Debian CVE
Debian CVE
added 2020/04/15 1:29 p.m.46 views

CVE-2020-2756

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS4.9AI score0.04211EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2020/04/15 1:29 p.m.36 views

CVE-2020-2757

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS4.7AI score0.04211EPSS
Exploits0
Rows per page
Query Builder