Max CVSS 7.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-2698 6.8
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protoc
13-05-2022 - 14:57 23-04-2019 - 19:32
CVE-2019-2602 5.0
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unau
13-05-2022 - 14:57 23-04-2019 - 19:32
CVE-2019-2684 4.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthen
13-05-2022 - 14:57 23-04-2019 - 19:32
CVE-2019-6974 6.8
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
05-04-2022 - 20:40 15-02-2019 - 15:29
CVE-2019-0211 7.2
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with
06-06-2021 - 11:15 08-04-2019 - 22:29
CVE-2018-14718 7.5
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
21-05-2021 - 15:30 02-01-2019 - 18:29
CVE-2018-14719 7.5
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
21-05-2021 - 15:22 02-01-2019 - 18:29
CVE-2019-9636 5.0
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a
29-10-2020 - 14:15 08-03-2019 - 21:29
CVE-2018-12022 5.1
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in
20-10-2020 - 22:15 21-03-2019 - 16:00
CVE-2018-12023 5.1
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provid
20-10-2020 - 22:15 21-03-2019 - 16:00
CVE-2019-7221 4.6
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
15-10-2020 - 13:28 21-03-2019 - 16:01
CVE-2018-19361 7.5
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
31-08-2020 - 14:15 02-01-2019 - 18:29
CVE-2018-19360 7.5
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
31-08-2020 - 14:15 02-01-2019 - 18:29
CVE-2018-19362 7.5
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
31-08-2020 - 14:15 02-01-2019 - 18:29
CVE-2018-14721 7.5
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.
31-08-2020 - 14:15 02-01-2019 - 18:29
CVE-2018-14720 7.5
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
31-08-2020 - 14:15 02-01-2019 - 18:29
CVE-2019-0542 5.0
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
24-01-2020 - 22:15 09-01-2019 - 15:29
CVE-2019-3878 6.8
A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require valid-user directive), adding special HTTP headers tha
07-05-2019 - 09:29 26-03-2019 - 18:29
Back to Top Mark selected
Back to Top