osv-java-poc

OSV Scanner CVE Detection POC — Vulnerable Java App ⚠️ WA...

ROOT-APP-MAVEN-CVE-2015-6420 CVE-2015-6420 in io.root.commons-collections:commons-collections - Patched by Root

Root has patched CVE-2015-6420 in the io.root.commons-collections:commons-collections package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2015-7501 CVE-2015-7501 in io.root.commons-collections:commons-collections - Patched by Root

Root has patched CVE-2015-7501 in the io.root.commons-collections:commons-collections package for Root:Maven. Multiple fixed versions available...

RHCOS 2 : Red Hat OpenShift Enterprise 2.2.10 (RHSA-2016:1773)

The remote Red Hat Enterprise Linux CoreOS 2 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1773 advisory. - CXF: SSL hostname verification bypass, incomplete CVE-2012-6153 fix CVE-2014-3577 - apache-commons-collections: InvokerTransformer...

EUVD-2026-23310

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerTransformer deserialization gadget chain. Quartz 2.3.2, also bundled in the application, deserializ...

Security Bulletin: IBM Content Navigator uses Apache Commons Collections resulting in multiple CVEs

Summary IBM Content Navigator is affected by CVE-2015-4852, a Deserialization of Untrusted Data vulnerability CWE-502 in Apache Commons Collections, originally identified in Oracle WebLogic Server. A remote attacker could exploit this vulnerability by sending a crafted serialized Java object over...

Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect

CVE-2023-43208 — Mirth Connect RCE !Pythonhttps://img.shie...

MiracleLinux 4 : jakarta-commons-collections-3.2.1-3.5.AXS4 (AXSA:2015-832:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-832:01 advisory. The introduction of the Collections API by Sun in JDK 1.2 has been a boon to quick and effective Java programming. Ready access to powerful data structures ha...

MiracleLinux 7 : apache-commons-collections-3.2.1-22.el7 (AXSA:2015-834:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-834:01 advisory. The introduction of the Collections API by Sun in JDK 1.2 has been a boon to quick and effective Java programming. Ready access to powerful data structures ha...

Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to Deserialization of Untrusted Data due to Apache Commons Collections (CVE-2015-6420)

Summary Apache Commons Collections is shipped with IBM Tivoli Business Service Manager as part of its backend process to enhance Java operations. Information about a security vulnerability affecting Apache Commons Collections has been published in a security bulletin. Vulnerability Details...

ysoserial

ysoserial !GitHub releasehttps://img.shields.io/github/do...

EUVD-2016-5369

Malware in sbrugna...

EUVD-2017-2572

Malware in sbrugna...

EUVD-2016-3088

Malware in sbrugna...

EUVD-2016-3074

Malware in sbrugna...

EUVD-2016-3086

Malware in sbrugna...

EUVD-2016-5368

Malware in sbrugna...

EUVD-2016-3087

Malware in sbrugna...

EUVD-2016-3075

Malware in sbrugna...

EUVD-2016-5373

Malware in sbrugna...