Show filters
239 Total Results
Displaying 51-60 of 239
Sort by:
Attacker Value
Unknown

CVE-2018-19361

Disclosure Date: January 02, 2019 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
0
Attacker Value
Unknown

CVE-2018-14718

Disclosure Date: January 02, 2019 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
Attacker Value
Unknown

CVE-2018-19362

Disclosure Date: January 02, 2019 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
0
Attacker Value
Unknown

CVE-2018-14720

Disclosure Date: January 02, 2019 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
0
Attacker Value
Unknown

CVE-2018-19364

Disclosure Date: December 13, 2018 (last updated November 08, 2023)
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.
Attacker Value
Unknown

CVE-2018-19489

Disclosure Date: December 13, 2018 (last updated November 08, 2023)
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
Attacker Value
Unknown

CVE-2018-18311

Disclosure Date: December 07, 2018 (last updated November 08, 2023)
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
0
Attacker Value
Unknown

CVE-2018-19477

Disclosure Date: November 23, 2018 (last updated November 08, 2023)
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
0
Attacker Value
Unknown

CVE-2018-19475

Disclosure Date: November 23, 2018 (last updated November 08, 2023)
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
0
Attacker Value
Unknown

CVE-2018-19476

Disclosure Date: November 23, 2018 (last updated November 08, 2023)
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
0