Lucene search
K

415 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/10/24 3:55 a.m.6 views

Security Bulletin: Improper Access Control vulnerability in Apache Commons BeanUtils library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2025-48734)

Summary Apache Commons BeanUtils library is used by Tivoli Netcool/OMNIbus WebGUI as part of Filter builder, View builder and Tool admin component. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was...

8.8CVSS7.3AI score0.01548EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/23 8:28 p.m.7 views

Security Bulletin: vulerability in IBM Spectrum Symphony with Apache Commons

Summary vulerability in IBM Spectrum Symphony with Apache Commons Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declare...

8.8CVSS7.1AI score0.01548EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/22 5:19 a.m.6 views

Security Bulletin: JAVA related vulnerabilities in IBM SP Enterprise Resource Planning (ERP) effected the ERP product dependency with BA client code.

Summary IBM Storage Protect Enterprise Resource Planning can be affected by security flaws mentioned in CVE-2025-48734. : using the "commons-beanutils-1.8.3.jar" can allow the attacker can get control on the declared class property of Java enum objects to get access to the classloader...

8.8CVSS6.8AI score0.01548EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/10/22 12:0 a.m.14 views

Oracle JDeveloper DoS (October 2025 CPU)

The version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected by a vulnerability as referenced in the October 2025 CPU advisory. - Vulnerability in the Oracle JDeveloper product of Oracle Fusion Middleware component: ADF, ADF Faces Apache...

8.8CVSS6.5AI score0.01548EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/09 2:41 p.m.6 views

Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing - Improper Access Control vulnerability in Apache Commons

Summary Apache Commons BeanUtils: PropertyUtilsBean Does Not Suppresses An Enum's DeclaredClass Property By Default. Following IBM® Engineering Lifecycle Management product is vulnerable to this attack, it has been addressed in this bulletin: IBM Engineering Lifecycle Optimization - Publishing...

8.8CVSS9.1AI score0.01548EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/10/09 12:0 a.m.5 views

AlmaLinux 10 : apache-commons-beanutils (ALSA-2025:9166)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9166 advisory. commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default CVE-2025-48734 Tenable has extracte...

8.8CVSS6.5AI score0.01548EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/07 4:47 p.m.6 views

Security Bulletin: Improper Access Control vulnerability in Apache Commons may affect IBM Business Automation Workflow - CVE-2025-48734

Summary IBM Business Automation Workflow packages a copy of Apache commons-beanutils. CVE-2025-48734 has been reported for this library. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in...

8.8CVSS7AI score0.01548EPSS
Exploits1Affected Software2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-0465

Malware in sbrugna...

7.5CVSS6.7AI score0.28839EPSS
Exploits1References112
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-5385

Malware in sbrugna...

7.5CVSS7.5AI score0.04362EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: apache-commons-beanutils (UTSA-2025-589226)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-589226 advisory. Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using t...

8.8CVSS7AI score0.01548EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/10/06 12:0 a.m.7 views

RockyLinux 10 : apache-commons-beanutils (RLSA-2025:9166)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9166 advisory. commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default CVE-2025-48734 Tenable has extract...

8.8CVSS6.5AI score0.01548EPSS
Exploits1References3
OSV
OSV
added 2025/10/04 12:11 a.m.7 views

RLSA-2025:9114 Important: apache-commons-beanutils security update

The Apache Commons BeanUtils library provides utility methods for accessing and modifying properties of arbitrary JavaBeans. Security Fixes: commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default CVE-2025-48734 For more detai...

8.8CVSS6.6AI score0.01548EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2025/10/04 12:11 a.m.7 views

apache-commons-beanutils security update

An update is available for apache-commons-beanutils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Apache Commons BeanUtils library provides utility method...

8.8CVSS7.4AI score0.01548EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/10/04 12:0 a.m.6 views

RockyLinux 9 : apache-commons-beanutils (RLSA-2025:9114)

The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2025:9114 advisory. commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default CVE-2025-48734 Tenable has extracte...

8.8CVSS6.5AI score0.01548EPSS
Exploits1References3
OSV
OSV
added 2025/10/03 7:57 p.m.6 views

RLSA-2025:9166 Important: apache-commons-beanutils security update

The Apache Commons BeanUtils library provides utility methods for accessing and modifying properties of arbitrary JavaBeans. Security Fixes: commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default CVE-2025-48734 For more detai...

8.8CVSS7.2AI score0.01548EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2025/10/03 7:57 p.m.6 views

apache-commons-beanutils security update

An update is available for apache-commons-beanutils. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Apache Commons BeanUtils library provides utility metho...

8.8CVSS8.1AI score0.01548EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/29 9:54 p.m.10 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons (CVE-2025-48734)

Summary A vulnerability in Apache Commons that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used...

8.8CVSS7.1AI score0.01548EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2025/09/25 12:9 a.m.5 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8CVSS7.6AI score0.01548EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2025/09/25 12:9 a.m.5 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8CVSS7.6AI score0.01548EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2025/09/25 12:9 a.m.12 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.12 on RHEL 7 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.1CVSS7.1AI score0.99999EPSS
Exploits23References13
Rows per page
Query Builder