482 matches found
ROOT-APP-MAVEN-CVE-2015-7501 CVE-2015-7501 in io.root.commons-collections:commons-collections - Patched by Root
Root has patched CVE-2015-7501 in the io.root.commons-collections:commons-collections package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2015-6420 CVE-2015-6420 in io.root.commons-collections:commons-collections - Patched by Root
Root has patched CVE-2015-6420 in the io.root.commons-collections:commons-collections package for Root:Maven. Multiple fixed versions available...
CVE-2026-40901
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerTransformer deserialization gadget chain. Quartz 2.3.2, also bundled in the application, deserializ...
osv-java-poc
OSV Scanner CVE Detection POC — Vulnerable Java App ⚠️ WA...
RHCOS 2 : Red Hat OpenShift Enterprise 2.2.10 (RHSA-2016:1773)
The remote Red Hat Enterprise Linux CoreOS 2 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1773 advisory. - CXF: SSL hostname verification bypass, incomplete CVE-2012-6153 fix CVE-2014-3577 - apache-commons-collections: InvokerTransformer...
EUVD-2026-23310
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerTransformer deserialization gadget chain. Quartz 2.3.2, also bundled in the application, deserializ...
Security Bulletin: IBM Content Navigator uses Apache Commons Collections resulting in multiple CVEs
Summary IBM Content Navigator is affected by CVE-2015-4852, a Deserialization of Untrusted Data vulnerability CWE-502 in Apache Commons Collections, originally identified in Oracle WebLogic Server. A remote attacker could exploit this vulnerability by sending a crafted serialized Java object over...
Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect
CVE-2023-43208 — Mirth Connect RCE !Pythonhttps://img.shie...
MiracleLinux 4 : jakarta-commons-collections-3.2.1-3.5.AXS4 (AXSA:2015-832:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-832:01 advisory. The introduction of the Collections API by Sun in JDK 1.2 has been a boon to quick and effective Java programming. Ready access to powerful data structures ha...
MiracleLinux 7 : apache-commons-collections-3.2.1-22.el7 (AXSA:2015-834:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-834:01 advisory. The introduction of the Collections API by Sun in JDK 1.2 has been a boon to quick and effective Java programming. Ready access to powerful data structures ha...
Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to Deserialization of Untrusted Data due to Apache Commons Collections (CVE-2015-6420)
Summary Apache Commons Collections is shipped with IBM Tivoli Business Service Manager as part of its backend process to enhance Java operations. Information about a security vulnerability affecting Apache Commons Collections has been published in a security bulletin. Vulnerability Details...
ysoserial
ysoserial !GitHub releasehttps://img.shields.io/github/do...
EUVD-2015-8638
Malware in sbrugna...
EUVD-2016-3108
Malware in sbrugna...
EUVD-2016-3075
Malware in sbrugna...
EUVD-2016-3088
Malware in sbrugna...
EUVD-2016-3074
Malware in sbrugna...
EUVD-2016-5373
Malware in sbrugna...
EUVD-2015-6868
Malware in sbrugna...
EUVD-2016-3111
Malware in sbrugna...