Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-3888
A vulnerability was found in Undertow web server prior to 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFai...
Redhat Undertow
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
Redhat Jboss Data Grid -
Redhat Openshift Application Runtimes -
Netapp Active Iq Unified Manager -
9.8
CVSSv3
CVE-2019-10160
A security regression of CVE-2019-9636 exists in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an malicious user to exploit CVE-2019-9636 by abusing the user and password p...
Python Python
Python Python 3.8.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Eus 7.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Redhat Virtualization 4.0
Netapp Cloud Backup -
9.8
CVSSv3
CVE-2019-8457
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.
Sqlite Sqlite
Canonical Ubuntu Linux 16.04
Opensuse Leap 42.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 14.04
3 Github repositories
9.8
CVSSv3
CVE-2019-9636
Python 2.7.x up to and including 2.7.16 and 3.x up to and including 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given ...
Python Python
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux 7.5
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Eus 7.5
1 Article
9.8
CVSSv3
CVE-2018-14718
FasterXML jackson-databind 2.x prior to 2.9.7 might allow remote malicious users to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Jd Edwards Enterpriseone Orchestrator 9.2
Oracle Communications Billing And Revenue Management 7.5
Oracle Communications Billing And Revenue Management 12.0
Oracle Financial Services Analytical Applications Infrastructure 8.0.2
9.8
CVSSv3
CVE-2018-14719
FasterXML jackson-databind 2.x prior to 2.9.7 might allow remote malicious users to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Database Server 12.1.0.2
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Database Server 11.2.0.4
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Database Server 12.2.0.1
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Database Server 18c
Oracle Communications Billing And Revenue Management 7.5
9.8
CVSSv3
CVE-2018-14720
FasterXML jackson-databind 2.x prior to 2.9.7 might allow malicious users to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
Fasterxml Jackson-databind 2.7.0
Fasterxml Jackson-databind
Fasterxml Jackson-databind 2.8.0
Fasterxml Jackson-databind 2.9.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier
Oracle Communications Billing And Revenue Management 7.5
Oracle Communications Billing And Revenue Management 12.0
Oracle Financial Services Analytical Applications Infrastructure 8.0.2
Oracle Financial Services Analytical Applications Infrastructure 8.0.3
Oracle Financial Services Analytical Applications Infrastructure 8.0.4
Oracle Financial Services Analytical Applications Infrastructure 8.0.5
Oracle Financial Services Analytical Applications Infrastructure 8.0.6
Oracle Financial Services Analytical Applications Infrastructure 8.0.7
Oracle Banking Platform 2.6.0
9.8
CVSSv3
CVE-2018-19360
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Oracle Primavera Unifier 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera Unifier 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Primavera Unifier 18.8
Oracle Retail Workforce Management Software 1.60.9.0.0
Oracle Primavera Unifier
Redhat Openshift Container Platform 3.11
Redhat Jboss Bpm Suite 6.4.11
Redhat Jboss Brms 6.4.10
Redhat Automation Manager 7.3.1
Redhat Decision Manager 7.3.1
1 Github repository
9.8
CVSSv3
CVE-2018-19361
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera Unifier 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Primavera Unifier 18.8
Oracle Retail Workforce Management Software 1.60.9.0.0
Oracle Primavera Unifier
Redhat Openshift Container Platform 3.11
Redhat Jboss Bpm Suite 6.4.11
Redhat Jboss Brms 6.4.10
Redhat Automation Manager 7.3.1
Redhat Decision Manager 7.3.1
1 Github repository
9.8
CVSSv3
CVE-2018-19362
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Oracle Primavera Unifier 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera Unifier 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Primavera Unifier 18.8
Oracle Retail Workforce Management Software 1.60.9.0.0
Oracle Primavera Unifier
Redhat Openshift Container Platform 3.11
Redhat Jboss Bpm Suite 6.4.11
Redhat Jboss Brms 6.4.10
Redhat Automation Manager 7.3.1
Redhat Decision Manager 7.3.1
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »