CVE-2018-14718
- EPSS 14.75%
- Veröffentlicht 02.01.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:49:39
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
CVE-2018-14719
- EPSS 2.65%
- Veröffentlicht 02.01.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:49:40
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
CVE-2018-19360
- EPSS 6.78%
- Veröffentlicht 02.01.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:57:48
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
CVE-2018-19361
- EPSS 4.06%
- Veröffentlicht 02.01.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:57:48
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
CVE-2018-19362
- EPSS 6.78%
- Veröffentlicht 02.01.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:57:48
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
CVE-2015-9251
- EPSS 9.84%
- Veröffentlicht 18.01.2018 23:29:00
- Zuletzt bearbeitet 21.11.2024 02:40:09
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.