Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Retail Sales Audit Security Vulnerabilities - 2020

cve
cve

CVE-2019-20330

FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.

9.8CVSS

9.2AI Score

0.006EPSS

2020-01-03 04:15 AM
321
4
cve
cve

CVE-2020-10672

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).

8.8CVSS

8.3AI Score

0.008EPSS

2020-03-18 10:15 PM
187
3
cve
cve

CVE-2020-10673

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).

8.8CVSS

8.3AI Score

0.008EPSS

2020-03-18 10:15 PM
235
3
cve
cve

CVE-2020-10968

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).

8.8CVSS

8.3AI Score

0.008EPSS

2020-03-26 01:15 PM
177
3
cve
cve

CVE-2020-10969

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.

8.8CVSS

8.3AI Score

0.008EPSS

2020-03-26 01:15 PM
171
3
cve
cve

CVE-2020-11111

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).

8.8CVSS

8.3AI Score

0.008EPSS

2020-03-31 05:15 AM
171
4
cve
cve

CVE-2020-11112

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).

8.8CVSS

8.3AI Score

0.008EPSS

2020-03-31 05:15 AM
150
4
cve
cve

CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).

8.8CVSS

8.3AI Score

0.008EPSS

2020-03-31 05:15 AM
229
3
cve
cve

CVE-2020-11619

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).

8.1CVSS

8AI Score

0.05EPSS

2020-04-07 11:15 PM
183
2
cve
cve

CVE-2020-11620

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).

8.1CVSS

8AI Score

0.043EPSS

2020-04-07 11:15 PM
126
2
cve
cve

CVE-2020-9546

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).

9.8CVSS

9.2AI Score

0.007EPSS

2020-03-02 04:15 AM
276
2
cve
cve

CVE-2020-9548

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).

9.8CVSS

9.1AI Score

0.004EPSS

2020-03-02 04:15 AM
295