Show filters
38 Total Results
Displaying 11-20 of 38
Sort by:
Attacker Value
Unknown
CVE-2020-36187
Disclosure Date: January 06, 2021 (last updated November 28, 2024)
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.
0
Attacker Value
Unknown
CVE-2020-36189
Disclosure Date: January 06, 2021 (last updated November 28, 2024)
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.
0
Attacker Value
Unknown
CVE-2020-36185
Disclosure Date: January 06, 2021 (last updated November 28, 2024)
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource.
0
Attacker Value
Unknown
CVE-2020-36188
Disclosure Date: January 06, 2021 (last updated November 28, 2024)
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource.
0
Attacker Value
Unknown
CVE-2020-36181
Disclosure Date: January 06, 2021 (last updated July 03, 2024)
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.
0
Attacker Value
Unknown
CVE-2020-36186
Disclosure Date: January 06, 2021 (last updated November 28, 2024)
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource.
0
Attacker Value
Unknown
CVE-2020-36184
Disclosure Date: January 06, 2021 (last updated July 03, 2024)
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.
0
Attacker Value
Unknown
CVE-2020-35728
Disclosure Date: December 27, 2020 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).
0
Attacker Value
Unknown
CVE-2020-35491
Disclosure Date: December 17, 2020 (last updated November 28, 2024)
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.
0
Attacker Value
Unknown
CVE-2020-14731
Disclosure Date: October 21, 2020 (last updated November 28, 2024)
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Segment). Supported versions that are affected are 18.0 and 19.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail Customer Management and Segmentation Foundation. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Retail Customer Management and Segmentation Foundation accessible data. CVSS 3.1 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).
0
