Max CVSS 7.5 Min CVSS 7.5 Total Count5
IDCVSSSummaryLast (major) updatePublished
CVE-2018-14721 7.5
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.
02-01-2019 - 13:29 02-01-2019 - 13:29
CVE-2018-14720 7.5
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
02-01-2019 - 13:29 02-01-2019 - 13:29
CVE-2018-14719 7.5
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
02-01-2019 - 13:29 02-01-2019 - 13:29
CVE-2018-14718 7.5
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
02-01-2019 - 13:29 02-01-2019 - 13:29
CVE-2018-9206 7.5
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
11-10-2018 - 11:29 11-10-2018 - 11:29
Back to Top Mark selected
Back to Top