Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jackson vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2008-0017
The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 does not check for an allocation failure, which allows remote malicious users to cause a denial of service (crash) and possibl...
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
Debian Debian Linux 5.0
9.3
CVSSv2
CVE-2008-3837
Mozilla Firefox prior to 2.0.0.17 and 3.x prior to 3.0.2, and SeaMonkey prior to 1.1.12, allow user-assisted remote malicious users to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown actio...
Mozilla Firefox
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
9.3
CVSSv2
CVE-2008-2785
Mozilla Firefox prior to 2.0.0.16 and 3.x prior to 3.0.1, Thunderbird prior to 2.0.0.16, and SeaMonkey prior to 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote malicious u...
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Firefox 2.0.0.5
Mozilla Firefox 2.0.0.6
Mozilla Thunderbird 2.0.0.9
Mozilla Thunderbird 2.0.0.6
Mozilla Thunderbird 1.5.0.10
Mozilla Thunderbird 1.5.0.9
Mozilla Thunderbird 1.0.7
Mozilla Thunderbird 1.0.6
Mozilla Thunderbird 0.6
Mozilla Thunderbird 0.5
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 1.1.7
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.4
Mozilla Firefox
Mozilla Thunderbird 2.0.0.12
Mozilla Thunderbird 1.5.0.13
8.3
CVSSv2
CVE-2021-20190
A flaw was found in jackson-databind prior to 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Fasterxml Jackson-databind
Netapp Oncommand Insight -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Netapp Active Iq Unified Manager -
Apache Nifi
Debian Debian Linux 9.0
Oracle Commerce Guided Search And Experience Manager 11.3.2
7.8
CVSSv2
CVE-2008-4068
Directory traversal vulnerability in Mozilla Firefox prior to 2.0.0.17 and 3.x prior to 3.0.2, Thunderbird prior to 2.0.0.17, and SeaMonkey prior to 1.1.12 allows remote malicious users to bypass "restrictions imposed on local HTML files," and obtain sensitive informati...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
7.5
CVSSv2
CVE-2019-14893
A flaw exists in FasterXML jackson-databind in all versions prior to 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping(...
Fasterxml Jackson-databind
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Api Services -
Oracle Goldengate Stream Analytics
7.5
CVSSv2
CVE-2019-14892
A flaw exists in jackson-databind in versions prior to 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.
Fasterxml Jackson-databind
Redhat Jboss Enterprise Application Platform 7.0
Redhat Decision Manager 7.0
Redhat Jboss Fuse 7.0.0
Redhat Process Automation 7.0
Redhat Jboss Data Grid 7.0.0
Redhat Openshift Container Platform 4.3
Redhat Jboss Data Grid -
Apache Geode 1.12.0
1 Github repository
7.5
CVSSv2
CVE-2020-8840
FasterXML jackson-databind 2.0.0 up to and including 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Huawei Oceanstor 9000 Firmware V300r006c20
Huawei Oceanstor 9000 Firmware V300r006c20spc100
Huawei Oceanstor 9000 Firmware V300r006c20spc200
Huawei Oceanstor 9000 Firmware V300r006c20spc300
Oracle Global Lifecycle Management Opatch
9 Github repositories
7.5
CVSSv2
CVE-2019-20330
FasterXML jackson-databind 2.x prior to 2.9.10.2 lacks certain net.sf.ehcache blocking.
Fasterxml Jackson-databind
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Retail Xstore Point Of Service 19.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Global Lifecycle Management Opatch
Oracle Trace File Analyzer 19c
7.5
CVSSv2
CVE-2019-12017
A remote code execution vulnerability exists in MapR CLDB code, specifically in the JSON framework that is used in the CLDB code that handles login and ticket issuance. An attacker can use the 'class' property of the JSON request sent to the CLDB to influence the JSON l...
Mapr Mapr
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »