Max CVSS 7.5 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2017-7525 7.5
A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the Obj
08-06-2023 - 17:57 06-02-2018 - 15:29
CVE-2017-15089 6.5
It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the cl
04-06-2019 - 17:29 15-02-2018 - 17:29
CVE-2014-9970 5.0
jasypt before 1.9.2 allows a timing attack against the password hash comparison.
14-02-2018 - 02:29 21-05-2017 - 18:29
Back to Top Mark selected
Back to Top