Lucene search
K

4457 matches found

Atlassian
Atlassian
added 2026/04/16 1:5 p.m.22 views

Improper Authorization commons-beanutils:commons-beanutils Dependency in Jira Service Management Data Center

This High severity Improper Authorization vulnerability was introduced in versions 5.12.1, 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, and 10.7.1 of Jira Service Management Data Center. This Improper Authorization vulnerability, with a CVSS Score of 8.8 and a...

8.8CVSS7.5AI score0.01495EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/15 6:5 p.m.3 views

Security Bulletin: A vulnerability in Apache Commons Lang may affect IBM Jazz Reporting Service (CVE-2025-48924)

Summary Apache Commons Lang is used by IBM Jazz Reporting Service. IBM Jazz Reporting Service has addressed the applicable CVE CVE-2025-48924. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lan...

5.3CVSS6.8AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/15 4:42 p.m.5 views

Security Bulletin: A vulnerability in Apache Commons FileUpload may affect IBM Jazz Reporting Service (CVE-2025-48976)

Summary Apache Commons FileUpload is used by IBM Jazz Reporting Service. IBM Jazz Reporting Service has addressed the applicable CVECVE-2025-48976 Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS...

7.5CVSS6.9AI score0.63258EPSS
Exploits1Affected Software1
Atlassian
Atlassian
added 2026/04/14 4:29 a.m.25 views

RCE (Remote Code Execution) at mchange-commons-java dependency in Crucible Server

This High severity RCE Remote Code Execution vulnerability was introduced in version 4.9.0 of Crucible Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.9 and a CVSS Vector of code:java CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:Hcode allows an...

9.8CVSS6.3AI score0.00812EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/10 11:20 p.m.8 views

Security Bulletin: Multiple vulnerabilities in IBM Aspera Enterprise WebApps

Summary Multiple vulnerabilities were addressed in IBM Aspera Enterprise WebApps version 1.0.2 Vulnerability Details CVEID:CVE-2025-64718 DESCRIPTION: js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the...

8.8CVSS6.8AI score0.62368EPSS
Exploits3Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/10 2:43 p.m.8 views

Security Bulletin: Vulnerabilities in hoek, Bouncy Castle Inc, Spring Framework, golang, Apache Commons, semver and Google Guava might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in hoek, Bouncy Castle Inc, Spring Framework, golang, Apache Commons, semver and Google Guava. Vulnerabilities include allowing a malicious user to modify the prototype of "Object" via proto, causing the addition...

8.8CVSS7.2AI score0.35681EPSS
Exploits4Affected Software1
GithubExploit
GithubExploit
added 2026/04/09 12:22 p.m.160 views

Exploit for Code Injection in Pivotal_Software Spring_Data_Commons

SpringBoot-Toolkit An interactive penetration-testing tool de...

10CVSS7.4AI score0.99939EPSS
Exploits188
OSV
OSV
added 2026/04/09 12:53 a.m.5 views

CLEANSTART-2026-IW08736 Uncontrolled Recursion vulnerability in Apache Commons Lang

Multiple security vulnerabilities affect the logstash-fips package. Uncontrolled Recursion vulnerability in Apache Commons Lang. See references for individual vulnerability details...

9.8CVSS6.7AI score0.02164EPSS
Exploits1References31
OSV
OSV
added 2026/04/09 12:49 a.m.3 views

CLEANSTART-2026-BG72514 Uncontrolled Recursion vulnerability in Apache Commons Lang

Multiple security vulnerabilities affect the logstash-fips package. Uncontrolled Recursion vulnerability in Apache Commons Lang. See references for individual vulnerability details...

9.8CVSS6.7AI score0.02164EPSS
Exploits0References20
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/08 9:12 a.m.9 views

Security Bulletin: Due to the use of Apache Tomcat and mchange-commons-java, IBM ApplinX is vulnerable to Improper Input Validation vulnerablities (CVE-2025-66614, CVE-2026-24733, CVE-2026-24734) and an 'Injection' vulnerability (CVE-2026-27727).

Summary Due to the use of Apache Tomcat and mchange-commons-java, IBM ApplinX is vulnerable to Improper Input Validation vulnerablities CVE-2025-66614, CVE-2026-24733, CVE-2026-24734 and an Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection'...

9.8CVSS7.3AI score0.00812EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/03 4:3 p.m.4 views

Security Bulletin: Due to use of Apache Commons Lang, IBM Operations Analytics - Log Analysis is affected by Uncontrolled Recursion Vulnerability

Summary Apache Commons Lang in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of the core utility such as string manipulation, object utilities, and class utilities. CVE-2025-48924. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerabilit...

5.3CVSS5.8AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/01 6:28 a.m.4 views

Security Bulletin: IBM Content Navigator uses Apache Commons Collections resulting in multiple CVEs

Summary IBM Content Navigator is affected by CVE-2015-4852, a Deserialization of Untrusted Data vulnerability CWE-502 in Apache Commons Collections, originally identified in Oracle WebLogic Server. A remote attacker could exploit this vulnerability by sending a crafted serialized Java object over...

10CVSS7.8AI score0.96032EPSS
Exploits27Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/31 11:46 a.m.10 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by a denial of service due to Apache Commons FileUpload

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by a denial of service due to Apache Commons FileUpload CVE-2025-48976 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

7.5CVSS7AI score0.63258EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 7:25 a.m.7 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses c3p0-0.11.2.jar and mchange-commons-java-0.3.2.jar which are vulnerable to CVE-2026-27830 and CVE-2026-27727.

Summary IBM Maximo Application Suite - Monitor Component uses c3p0-0.11.2.jar and mchange-commons-java-0.3.2.jar which are vulnerable to CVE-2026-27830 and CVE-2026-27727. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-27830 DESCRIPTION: c3p0...

9.8CVSS6.2AI score0.00812EPSS
Exploits1Affected Software1
GithubExploit
GithubExploit
added 2026/03/30 7:21 a.m.127 views

Exploit for Code Injection in Apache Commons_Text

ICT287-CVE-202...

9.8CVSS7AI score0.99931EPSS
Exploits41
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/29 11:39 p.m.6 views

Security Bulletin: IBM Content Navigator is affected by CVE-2025-46392

Summary IBM Content Navigator is affected by CVE-2025-46392, an Uncontrolled Resource Consumption vulnerability CWE-400 in Apache Commons Configuration 1.x commons-configuration-1.7.jar. Vulnerability Details CVEID:CVE-2025-46392 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in...

6.5CVSS7AI score0.01663EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 5:59 p.m.4 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to commons-io

Summary IBM webMethods BPM uses commons-io to simplify file and stream handling operations within the application, such as reading, writing, and manipulating files and input/output streams. Vulnerability Details CVEID:CVE-2021-29425 DESCRIPTION: In Apache Commons IO before 2.7, When invoking the...

5.8CVSS5.9AI score0.10608EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 9:11 a.m.11 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for March 2026.

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue...

8.8CVSS7.4AI score0.02164EPSS
Exploits6Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 8:58 a.m.16 views

Security Bulletin: Multiple secuirty vulnerabilies addressed with IBM Business Automation Workflow (traditional and containers) March 2026

Summary In addition to updating many operating system level packages on container images, IBM Business Automation Workflow fixes address the following vulnerabilities. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special...

8.8CVSS7.2AI score0.01495EPSS
Exploits7Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 12:49 a.m.4 views

Security Bulletin: IBM Storage Protect Server is affected by a vulnerability in the Apache Commons IO library that could lead to denial-of-service when processing specially crafted input (CVE-2025-48924).

Summary IBM Storage Protect Server uses the Apache Commons IO library in certain components; Apache Commons IO is vulnerable to improper resource handling that may lead to denial-of-service conditions when processing specially crafted input. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION:...

5.3CVSS6.8AI score0.02164EPSS
Exploits0Affected Software1
Rows per page
Query Builder