The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of SAS SAS/ETS

2 jackson-databind: file reading via Polymorphic Typing JSON Message
A local attacker can read a file via Polymorphic Typing JSON Message of jackson-databind, in order to obtain sensitive information...
CVE-2019-12814, DLA-1831-1, FEDORA-2019-ae6a703b8f, FEDORA-2019-fb23eccc03, RHSA-2019:2935-01, RHSA-2019:2936-01, RHSA-2019:2937-01, RHSA-2019:2938-01, RHSA-2019:3044-01, RHSA-2019:3045-01, RHSA-2019:3046-01, RHSA-2019:3050-01, VIGILANCE-VUL-29605
2 jackson-databind: file reading via Polymorphic Typing JSON Message
A local attacker can read a file via Polymorphic Typing JSON Message of jackson-databind, in order to obtain sensitive information...
CVE-2019-12384, DLA-1831-1, DSA-4542-1, FEDORA-2019-ae6a703b8f, FEDORA-2019-fb23eccc03, NTAP-20190703-0002, RHSA-2019:1820-01, RHSA-2019:2720-01, RHSA-2019:2935-01, RHSA-2019:2936-01, RHSA-2019:2937-01, RHSA-2019:2938-01, VIGILANCE-VUL-29604
1 c3p0: denial of service via the XML configuration
An attacker can trigger a fatal error via the processing of the XML configuration of c3p0, in order to trigger a denial of service...
5048, CVE-2019-5427, FEDORA-2019-063672154a, FEDORA-2019-cb14e234fc, VIGILANCE-VUL-29428
2 jackson-databind: file reading
An attacker can read a file from a client using jackson-databind, in order to obtain sensitive information...
5048, cpujul2019, cpuoct2019, CVE-2019-12086, DLA-1798-1, DSA-4452-1, FEDORA-2019-ae6a703b8f, FEDORA-2019-fb23eccc03, RHSA-2019:2935-01, RHSA-2019:2936-01, RHSA-2019:2937-01, RHSA-2019:2938-01, RHSA-2019:3044-01, RHSA-2019:3045-01, RHSA-2019:3046-01, RHSA-2019:3050-01, VIGILANCE-VUL-29375
2 jackson-databind: information disclosure via Default Typing
An attacker can bypass access restrictions to data via Default Typing of jackson-databind, in order to obtain sensitive information...
cpujan2019, cpujul2019, CVE-2018-11307, DLA-1703-1, DSA-4452-1, RHSA-2019:0782-01, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-28642
3 jackson-databind: code execution via Oracle JDBC Driver Deserialization
An attacker can use a vulnerability via Oracle JDBC Driver Deserialization of jackson-databind, in order to run code...
5048, cpujan2019, cpujul2019, CVE-2018-12023, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-28553
2 jackson-datatype-jsr310: denial of service via Input Validation
An attacker can trigger a fatal error via Input Validation of jackson-datatype-jsr310, in order to trigger a denial of service...
cpuoct2019, CVE-2018-1000873, FEDORA-2019-df57551f6d, VIGILANCE-VUL-28552
3 jackson-databind: code execution via blaze-ds-opt
An attacker can use a vulnerability via blaze-ds-opt of jackson-databind, in order to run code...
5048, cpuapr2019, cpujan2019, cpuoct2019, CVE-2018-14719, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, VIGILANCE-VUL-28549
2 jackson-databind: external XML entity injection via JDK Classes
An attacker can transmit malicious XML data via JDK Classes to jackson-databind, in order to read a file, scan sites, or trigger a denial of service...
5048, cpuapr2019, cpujan2019, cpuoct2019, CVE-2018-14720, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-28548
3 jackson-databind: code execution via Axis2-transport-jms Deserialization
An attacker can use a vulnerability via Axis2-transport-jms Deserialization of jackson-databind, in order to run code...
5048, cpuapr2019, cpujul2019, cpuoct2019, CVE-2018-19360, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, VIGILANCE-VUL-28546
Our database contains other pages. You can request a free trial to read them.

Display information about SAS SAS/ETS: