| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of IBM Lotus Notes
Apache HttpClient: information disclosure via java.net.URI Authority Component
An attacker can bypass access restrictions to data via java.net.URI Authority Component of Apache HttpClient, in order to obtain sensitive information...
6445703, CVE-2020-13956, DLA-2405-1, DSA-4772-1, KB0086419, RHSA-2021:0246-01, RHSA-2021:0247-01, RHSA-2021:0248-01, RHSA-2021:0250-01, VIGILANCE-VUL-33523 |
SnakeYAML: external YAML entity injection
An attacker can transmit malicious YAML data to snakeyaml, in order to read a file, scan sites, or trigger a denial of service...
6198380, 6449664, CVE-2017-18640, FEDORA-2020-23012fafbc, KB0085481, openSUSE-SU-2021:0855-1, RHSA-2020:4807-01, SUSE-SU-2021:1876-1, VIGILANCE-VUL-32101 |
FasterXML jackson-databind: external XML entity injection via jackson-mapper-asl
An attacker can transmit malicious XML data via jackson-mapper-asl to FasterXML jackson-databind, in order to read a file, scan sites, or trigger a denial of service...
6198380, CVE-2019-10172, DLA-2091-1, DLA-2342-1, KB0085481, RHSA-2020:2058-01, RHSA-2020:2059-01, RHSA-2020:2060-01, RHSA-2020:2061-01, RHSA-2020:2106-01, RHSA-2020:2107-01, RHSA-2020:2108-01, RHSA-2020:2112-01, RHSA-2020:2113-01, RHSA-2020:2511-01, RHSA-2020:2512-01, RHSA-2020:2513-01, RHSA-2020:2515-01, USN-4741-1, VIGILANCE-VUL-31485 |
Apache Log4j 1.2: code execution via Socket Server Deserialization
An attacker can use a vulnerability via Socket Server Deserialization of Apache Log4j 1.2, in order to run code...
6198380, 6371652, cpuapr2020, cpujul2020, CVE-2019-17571, DLA-2065-1, DSA-4686-1, KB0085481, NTAP-20200110-0001, openSUSE-SU-2020:0051-1, SUSE-SU-2020:0053-1, SUSE-SU-2020:0054-1, SUSE-SU-2020:14267-1, USN-4495-1, VIGILANCE-VUL-31193 |
Our database contains other pages. You can request a free trial to read them.
|