Lucene search

K

Communications Convergent Charging Controller Security Vulnerabilities - 2021

cve
cve

CVE-2020-36179

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.

8.1CVSS

7.7AI Score

0.004EPSS

2021-01-07 12:15 AM
230
16
cve
cve

CVE-2020-36180

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.

8.1CVSS

7.7AI Score

0.003EPSS

2021-01-07 12:15 AM
239
12
cve
cve

CVE-2020-36181

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.

8.1CVSS

7.7AI Score

0.003EPSS

2021-01-06 11:15 PM
221
4
cve
cve

CVE-2020-36182

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.

8.1CVSS

7.7AI Score

0.003EPSS

2021-01-07 12:15 AM
229
6
cve
cve

CVE-2020-36183

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.

8.1CVSS

7.7AI Score

0.003EPSS

2021-01-07 12:15 AM
233
7
cve
cve

CVE-2020-36184

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.

8.1CVSS

7.7AI Score

0.003EPSS

2021-01-06 11:15 PM
221
6
cve
cve

CVE-2020-36185

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource.

8.1CVSS

7.7AI Score

0.003EPSS

2021-01-06 11:15 PM
221
7
cve
cve

CVE-2020-36186

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource.

8.1CVSS

7.7AI Score

0.003EPSS

2021-01-06 11:15 PM
215
6
cve
cve

CVE-2020-36187

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.

8.1CVSS

7.7AI Score

0.003EPSS

2021-01-06 11:15 PM
212
7
cve
cve

CVE-2020-36188

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource.

8.1CVSS

7.7AI Score

0.003EPSS

2021-01-06 11:15 PM
221
5
cve
cve

CVE-2020-36189

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.

8.1CVSS

7.7AI Score

0.003EPSS

2021-01-06 11:15 PM
229
6
cve
cve

CVE-2021-2351

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. S...

8.3CVSS

8.5AI Score

0.013EPSS

2021-07-21 03:15 PM
165
9
cve
cve

CVE-2021-45105

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue wa...

5.9CVSS

7.5AI Score

0.96EPSS

2021-12-18 12:15 PM
763
In Wild
4