CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

GithubExploit•added 2026/05/18 6:45 a.m.•44 views

Docker_MCP_POC

Java vulnerable scan POC Minimal Maven project used to comp...

9.8CVSS7AI score0.94251EPSS

Exploits41

vulnersOsv•added 2025/08/13 7:6 p.m.•2 views

ai.ancf.lmos:arc-gemini-client (>=0.1.1 <=0.104.0), ai.bareun.tagger:bareun (>=1.0.0 <=1.4.3) +5261 more potentially affected by CVE-2025-55163 via io.grpc:grpc-netty-shaded (>=1.10.1 <=1.74.0)

io.grpc:grpc-netty-shaded MAVEN version =1.10.1, =0.1.1, =1.0.0, =0.0.23, =0.9.0, =3.10.0.5, =0.2.7, =0.2.7, =1.3.3, =24.9.0, =24.9.0, =24.9.0, =24.9.0, =24.9.5, =24.9.0, =24.9.0, =25.10.7 and more Source cves: CVE-2025-55163 Source advisory: SNYK:JAVA-IOGRPC-13786834...

8.2CVSS6.9AI score0.00053EPSS

Exploits1

vulnersOsv•added 2025/08/13 7:6 p.m.•7 views

ai.ancf.lmos:arc-gemini-client (>=0.1.1 <=0.104.0), ai.bareun.tagger:bareun (>=1.0.0 <=1.4.3) +5261 more potentially affected by CVE-2025-55163 via io.grpc:grpc-netty-shaded (>=1.10.1 <=1.74.0)

8.2CVSS6.9AI score0.00053EPSS

Exploits1

Positive Technologies•added 2024/08/16 12:0 a.m.•2 views

PT-2024-40854 · Git +1 · Xpdf

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves several function calls, including ShadingImage::generateAxialBitmap,...

6.9AI score

Exploits0References2

vulnersOsv•added 2023/11/23 6:30 p.m.•5 views

app.cash.backfila:client-misk (>=2023.12.01.210510-f61f157 <=2025.09.02.174848-7b27340), app.cash.backfila:client-misk-hibernate (>=2023.12.01.210510-f61f157 <=2025.01.16.180443-b0fbc31) +1597 more potentially affected by CVE-2023-33202 via org.bouncycastle:bcpkix-jdk18on (>=1.71 <=1.72)

org.bouncycastle:bcpkix-jdk18on MAVEN version =1.71, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =4.8.3, =1.4.0, =8.1.0.563, =1.1, =1.0.0, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.7.12 and more Source cves: CVE-2023-3320...

5.5CVSS6.5AI score0.00214EPSS

Exploits1

SUSE CVE•added 2023/02/15 4:0 a.m.•1 views

SUSE CVE-2020-9546

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig aka shaded hikari-config...

9.8CVSS8.2AI score0.0239EPSS

Exploits0References3

RedHat Linux•added 2020/09/17 1:7 p.m.•1 views

jackson-databind: Serialization gadgets in shaded-hikari-config

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.0239EPSS

Exploits0References4

RedHat Linux•added 2020/09/07 12:58 p.m.•1 views

jackson-databind: Serialization gadgets in shaded-hikari-config

9.8CVSS7.1AI score0.0239EPSS

Exploits0References4

RedHat Linux•added 2020/07/30 8:22 p.m.•1 views

jackson-databind: Serialization gadgets in shaded-hikari-config

9.8CVSS7.1AI score0.0239EPSS

Exploits0References4

RedHat Linux•added 2020/07/29 6:6 a.m.•2 views

jackson-databind: Serialization gadgets in shaded-hikari-config

9.8CVSS7.1AI score0.0239EPSS

Exploits0References4

RedHat Linux•added 2020/06/11 9:3 a.m.•1 views

jackson-databind: Serialization gadgets in shaded-hikari-config

9.8CVSS7.1AI score0.0239EPSS

Exploits0References4

RedHat Linux•added 2020/06/11 7:9 a.m.•1 views

jackson-databind: Serialization gadgets in shaded-hikari-config

9.8CVSS7.1AI score0.0239EPSS

Exploits0References4

OSV•added 2020/04/23 9:8 p.m.•0 views

GHSA-5P34-5M6P-P58G jackson-databind mishandles the interaction between serialization gadgets and typing

9.8CVSS7.1AI score0.0239EPSS

Exploits0References29

Github Security Blog•added 2020/04/23 9:8 p.m.•82 views

jackson-databind mishandles the interaction between serialization gadgets and typing

9.8CVSS3.2AI score0.0239EPSS

Exploits0References29Affected Software1

RedHat Linux•added 2020/04/16 7:46 p.m.•2 views

jackson-databind: Serialization gadgets in shaded-hikari-config

9.8CVSS7.1AI score0.0239EPSS

Exploits0References4

Veracode•added 2020/03/03 3:42 a.m.•35 views

Deserialization Of Untrusted Object

jackson-databind is vulnerable to deserialization of untrusted data. It is possible because untrusted class org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig aka shaded hikari-config was not filtered by default from the interaction between serialization gadgets and polymorphic typing...

9.8CVSS3.5AI score0.0239EPSS

Exploits0References28Affected Software305

OSV•added 2020/03/02 4:15 a.m.•2 views

DEBIAN-CVE-2020-9546

9.8CVSS8.1AI score0.0239EPSS

Exploits0References1

OSV•added 2020/03/02 4:15 a.m.•28 views

CVE-2020-9546

9.8CVSS9.3AI score

Exploits0References17

Prion•added 2020/03/02 4:15 a.m.•25 views

Design/Logic Flaw

6.8CVSS9.2AI score0.0239EPSS

Exploits0References17Affected Software31

CVE•added 2020/03/02 3:59 a.m.•553 views

CVE-2020-9546

CVE-2020-9546 affects FasterXML jackson-databind 2.x before 2.9.10.4, where serialization gadgets and typing interactions involving org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig can lead to deserialization issues. The IBM/Cloudera bulletin references the same CVE and lists a high impact...

9.8CVSS9.2AI score0.0239EPSS

Exploits0References17Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by