Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
viewpoint vulnerabilities and exploits
(subscribe to this query)
8.5
CVSSv2
CVE-2013-4629
The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception method.
Huawei Vp 9620
Huawei Vp 9610
7.6
CVSSv2
CVE-2020-25696
A flaw was found in the psql interactive terminal of PostgreSQL in versions prior to 13.1, prior to 12.5, prior to 11.10, prior to 10.15, prior to 9.6.20 and prior to 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute ar...
Postgresql Postgresql
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2020-35338
The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server 20.2.8 and previous versions has a default account with a password of "pokon."
Mobileviewpoint Wireless Multiplex Terminal Playout Server
7.5
CVSSv2
CVE-2019-14893
A flaw exists in FasterXML jackson-databind in all versions prior to 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping(...
Fasterxml Jackson-databind
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Api Services -
Oracle Goldengate Stream Analytics
7.5
CVSSv2
CVE-2019-14892
A flaw exists in jackson-databind in versions prior to 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.
Fasterxml Jackson-databind
Redhat Jboss Enterprise Application Platform 7.0
Redhat Decision Manager 7.0
Redhat Jboss Fuse 7.0.0
Redhat Process Automation 7.0
Redhat Jboss Data Grid 7.0.0
Redhat Openshift Container Platform 4.3
Redhat Jboss Data Grid -
Apache Geode 1.12.0
1 Github repository
7.5
CVSSv2
CVE-2020-8840
FasterXML jackson-databind 2.0.0 up to and including 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Huawei Oceanstor 9000 Firmware V300r006c20
Huawei Oceanstor 9000 Firmware V300r006c20spc100
Huawei Oceanstor 9000 Firmware V300r006c20spc200
Huawei Oceanstor 9000 Firmware V300r006c20spc300
Oracle Global Lifecycle Management Opatch
9 Github repositories
7.5
CVSSv2
CVE-2019-20330
FasterXML jackson-databind 2.x prior to 2.9.10.2 lacks certain net.sf.ehcache blocking.
Fasterxml Jackson-databind
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Retail Xstore Point Of Service 19.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Global Lifecycle Management Opatch
Oracle Trace File Analyzer 19c
7.5
CVSSv2
CVE-2019-17267
A Polymorphic Typing issue exists in FasterXML jackson-databind prior to 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.
Fasterxml Jackson-databind
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Netapp Active Iq Unified Manager
Debian Debian Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Customer Management And Segmentation Foundation 17.0
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Customer Management And Segmentation Foundation
7.5
CVSSv2
CVE-2019-16942
A Polymorphic Typing issue exists in FasterXML jackson-databind 2.0.0 up to and including 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, a...
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Jboss Enterprise Application Platform 7.3
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Netapp Active Iq Unified Manager
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.4.0
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Database Server 12.2.0.1
2 Github repositories
7.5
CVSSv2
CVE-2019-10202
A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by impleme...
Redhat Jboss Enterprise Application Platform 7.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »