|Max CVSS||7.5||Min CVSS||4.3||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
SubTypeValidator.java in FasterXML jackson-databind before 188.8.131.52 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
|22-04-2022 - 16:03||29-07-2019 - 12:15|
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in
|20-10-2020 - 22:15||19-06-2019 - 14:15|
FasterXML jackson-databind 2.x before 184.108.40.206 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be
|20-10-2020 - 22:15||24-06-2019 - 16:15|
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 220.127.116.11. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logbac
|24-08-2020 - 17:37||30-07-2019 - 11:15|
The transferProxy and approveProxy functions of a smart contract implementation for SmartMesh (SMT), an Ethereum ERC20 token, allow attackers to accomplish an unauthorized transfer of digital assets because replay attacks can occur with the same-name
|03-10-2019 - 00:03||10-08-2018 - 15:29|
Apache Struts 2.0.0 through 18.104.22.168 does not properly cache method references when used with OGNL before 3.0.12, which allows remote attackers to cause a denial of service (block access to a web site) via unspecified vectors.
|28-11-2016 - 20:06||07-06-2016 - 18:59|