Lucene search
K

19 matches found

Vulnrichment
Vulnrichment
added 2025/12/08 12:0 a.m.3 views

CVE-2025-63721

HummerRisk thru v1.5.0 is using a vulnerable Snakeyaml component, allowing attackers with normal user privileges to hit the /rule/add API and thereby achieve RCE and take over the server...

6.5AI score0.0042EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/02/24 12:8 a.m.4 views

SnakeYaml: Constructor Deserialization Remote Code Execution

A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution RCE...

9.8CVSS7.5AI score0.99615EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2024/02/12 10:38 a.m.6 views

snakeyaml: Denial of Service due to missing nested depth limitation for collections

A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service DoS due to missing nested depth limitation for collections...

7.5CVSS6.8AI score0.02191EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2024/02/12 10:26 a.m.6 views

snakeyaml: Denial of Service due to missing nested depth limitation for collections

A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service DoS due to missing nested depth limitation for collections...

7.5CVSS6.8AI score0.02191EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2023/06/15 3:23 p.m.2 views

snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

6.5CVSS6.8AI score0.01025EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/05/10 11:25 a.m.5 views

snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

6.5CVSS6.8AI score0.02091EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/05/03 3:54 p.m.3 views

snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

6.5CVSS6.8AI score0.01507EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/05/03 3:54 p.m.4 views

snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

6.5CVSS6.8AI score0.02091EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/05/03 2:5 p.m.6 views

snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service...

6.5CVSS6.8AI score0.01642EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/03/29 11:44 a.m.4 views

snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

6.5CVSS6.8AI score0.02091EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/03/01 10:2 p.m.12 views

snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service...

6.5CVSS6.8AI score0.01642EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/03/01 10:2 p.m.7 views

snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

6.5CVSS6.8AI score0.01025EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/03/01 9:58 p.m.7 views

snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

6.5CVSS6.8AI score0.01507EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.5 views

snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

6.5CVSS6.8AI score0.01507EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/01/17 11:47 a.m.5 views

snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

6.5CVSS6.8AI score0.02091EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/11/17 1:40 p.m.5 views

snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

6.5CVSS6.8AI score0.01507EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/11/04 12:0 a.m.7 views

PT-2022-20891 · Spring · Spring Boot Tools +1

Name of the Vulnerable Software and Affected Versions: Spring Tools 4 for Eclipse version 4.16.0 and below Spring Boot Tools version 1.39.0 and below Concourse CI Pipeline Editor version 1.39.0 and below Bosh Editor version 1.39.0 and below Cloudfoundry Manifest YML Support version 1.39.0 and bel...

9.8CVSS9.7AI score0.02391EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/10/05 2:50 p.m.5 views

snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

6.5CVSS6.8AI score0.01507EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/10/05 2:50 p.m.4 views

snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

6.5CVSS6.8AI score0.01025EPSS
Exploits1References4
Rows per page
Query Builder