Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jackson vulnerabilities and exploits
(subscribe to this query)
543
VMScore
CVE-2018-7541
An issue exists in Xen up to and including 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.
Xen Xen
Debian Debian Linux 9.0
436
VMScore
CVE-2018-7542
An issue exists in Xen 4.8.x up to and including 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.
Xen Xen
Debian Debian Linux 9.0
605
VMScore
CVE-2017-4995
An issue exists in Pivotal Spring Security 4.2.0.RELEASE up to and including 4.2.2.RELEASE, and Spring Security 5.0.0.M1. When configured to enable default typing, Jackson contained a deserialization vulnerability that could lead to arbitrary code execution. Jackson fixed this vu...
Vmware Spring Security 4.2.1
Vmware Spring Security 4.2.2
Vmware Spring Security 5.0.0
Vmware Spring Security 4.2.0
445
VMScore
CVE-2016-7051
XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) prior to 2.7.8 and 2.8.x prior to 2.8.4 allows remote malicious users to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.
Fasterxml Jackson-dataformat-xml 2.8.3
Fasterxml Jackson-dataformat-xml 2.8.0
Fasterxml Jackson-dataformat-xml 2.8.1
Fasterxml Jackson-dataformat-xml
Fasterxml Jackson-dataformat-xml 2.8.2
670
VMScore
CVE-2016-3720
XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows malicious users to have unspecified impact via unknown vectors.
Fedoraproject Fedora 24
Fasterxml Jackson-dataformat-xml
5 Github repositories
435
VMScore
CVE-2010-0475
Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Palo Alto Networks firewall 3.0.x prior to 3.0.9 and 3.1.x prior to 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via the role parameter.
Palo Alto Networks Firewall
1 EDB exploit
383
VMScore
CVE-2010-0465
Cross-site scripting (XSS) vulnerability in the online Documents functionality in SugarCRM 5.2.x prior to 5.2.0l and 5.5.x prior to 5.5.0a allows remote authenticated users to inject arbitrary web script or HTML via the Document Name field.
Sugarcrm Sugarcrm 5.2c
Sugarcrm Sugarcrm 5.2d
Sugarcrm Sugarcrm 5.2.0g
Sugarcrm Sugarcrm 5.2a
Sugarcrm Sugarcrm 5.5
Sugarcrm Sugarcrm 5.5.0
Sugarcrm Sugarcrm 5.2g
Sugarcrm Sugarcrm 5.2h
Sugarcrm Sugarcrm 5.2e
Sugarcrm Sugarcrm 5.2f
828
VMScore
CVE-2009-1392
The browser engine in Mozilla Firefox 3 prior to 3.0.11, Thunderbird prior to 2.0.0.22, and SeaMonkey prior to 1.1.17 allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1)...
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.6
Mozilla Thunderbird 2.0.0.11
Mozilla Thunderbird 2.0.0.12
Mozilla Thunderbird 2.0.0.2
Mozilla Thunderbird 2.0.0.3
Mozilla Thunderbird 2.0 .12
Mozilla Thunderbird 0.1
Mozilla Thunderbird 0.2
Mozilla Thunderbird 0.7.2
Mozilla Thunderbird 0.7.3
Mozilla Thunderbird 0.9
Mozilla Thunderbird 1.0.5
Mozilla Thunderbird 1.5.0.13
Mozilla Thunderbird 1.5.0.10
Mozilla Thunderbird 1.5.1
Mozilla Thunderbird 1.5.0.3
Mozilla Thunderbird 1.7.3
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1
828
VMScore
CVE-2009-1832
Mozilla Firefox prior to 3.0.11, Thunderbird prior to 2.0.0.22, and SeaMonkey prior to 1.1.17 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors involving "double frame constructi...
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0
Mozilla Firefox 3.0.9
Mozilla Thunderbird 2.0.0.15
Mozilla Thunderbird 2.0.0.16
Mozilla Thunderbird 2.0.0.6
Mozilla Thunderbird 2.0.0.7
Mozilla Thunderbird 2.0 .5
Mozilla Thunderbird 2.0 .6
Mozilla Thunderbird 0.5
Mozilla Thunderbird 0.6
Mozilla Thunderbird 1.0.1
Mozilla Thunderbird 1.0.3
Mozilla Thunderbird 1.0.8
Mozilla Thunderbird 1.5.0.12
Mozilla Thunderbird 1.5.0.5
Mozilla Thunderbird 1.5.0.9
Mozilla Thunderbird 1.5.0.7
Mozilla Thunderbird 1.5.0.2
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.8
828
VMScore
CVE-2009-1833
The JavaScript engine in Mozilla Firefox prior to 3.0.11, Thunderbird prior to 2.0.0.22, and SeaMonkey prior to 1.1.17 allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1...
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.8
Mozilla Thunderbird 2.0.0.12
Mozilla Thunderbird 2.0.0.13
Mozilla Thunderbird 2.0.0.3
Mozilla Thunderbird 2.0.0.4
Mozilla Thunderbird 2.0 .13
Mozilla Thunderbird 2.0 .14
Mozilla Thunderbird 0.2
Mozilla Thunderbird 0.3
Mozilla Thunderbird 0.7.3
Mozilla Thunderbird 1.0
Mozilla Thunderbird 1.0.5
Mozilla Thunderbird 1.0.6
Mozilla Thunderbird 1.5.0.10
Mozilla Thunderbird 1.5.0.14
Mozilla Thunderbird 1.5.0.3
Mozilla Thunderbird 1.5.0.4
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1.12
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »