Lucene search
K

4458 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/02/05 8:18 p.m.5 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in commons-lang-2.6.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in commons-lang-2.6.jar Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6,...

5.3CVSS7.3AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/04 6:37 p.m.11 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in Apache Commons FileUpload

Summary IBM Watson Discovery Cartridge affected by vulnerability in Apache Commons FileUpload Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects...

7.5CVSS6.8AI score0.63258EPSS
Exploits1Affected Software1
Snyk
Snyk
added 2026/02/04 5:26 p.m.2 views

Malicious Package

Overview dcf-commons is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/04 5:26 p.m.7 views

Malicious code in dcf-commons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ecd9b19358b9d41493159b26a9674d97911b844be08acab24e938855a796ada The package dcf-commons was found to contain malicious code. Source: ghsa-malware 53fcdc9ba42b2a38388a8f7892b9ba26435e40dd2c5ad4247358620829f70b58 An...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/02/04 5:26 p.m.5 views

MAL-2026-742 Malicious code in dcf-commons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ecd9b19358b9d41493159b26a9674d97911b844be08acab24e938855a796ada The package dcf-commons was found to contain malicious code. Source: ghsa-malware 53fcdc9ba42b2a38388a8f7892b9ba26435e40dd2c5ad4247358620829f70b58 An...

5.5AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/02 5:24 p.m.7 views

Security Bulletin: Security vulnerability in Apache Commons Lang may affect IBM Business Automation Workflow - CVE-2025-48924

Summary IBM Business Automation Workflow packages a vulnerable copy of the Apache Commons Lang open source library. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

5.3CVSS6.4AI score0.02164EPSS
Exploits0Affected Software2
Atlassian
Atlassian
added 2026/01/30 7:27 p.m.20 views

RCE (Remote Code Execution) commons-beanutils Dependency in Crowd Data Center and Server

This High severity RCE Remote Code Execution vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H allows an authenticated attacker to...

8.8CVSS6.3AI score0.01495EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/30 4:58 p.m.11 views

Security Bulletin: Due to IBM Storage Scale, IBM Cloud Pak System is affected by multiple vulnerabilities [CVE-2025-48976, CVE-2025-30204, CVE-2025-1137].

Summary Execute privileged command and denial of service vulnerabilities found in IBM Storage Scale previously known as IBM Spectrum Scale affect IBM Cloud Pak System. These vulnerabilities were addressed in IBM Cloud Pak System v2.3.6.1. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION:...

8.8CVSS7.3AI score0.63258EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/27 2:25 p.m.11 views

Security Bulletin: Multiple vulnerabilities that affect IBM Db2 Data management console

Summary IBM Db2 Data management console has several dependent packages with vulnerabilities. This bulletin describes the upgrades necessary to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This iss...

9.8CVSS5.3AI score0.93305EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/26 12:48 p.m.6 views

Security Bulletin: Security vulnerability found in the Red Hat Universal Minimal Base Image shipped with CICS Transaction Gateway for Multiplatforms.

Summary A sensitive information exposure is found in the Red Hat Universal Base Image Minimal shipped with CICS Transaction Gateway for Multiplatforms. The CICS Transaction Gateway for Multiplatforms container has been updated to address the vulnerability. Vulnerability Details IBM X-Force ID:...

5.8AI score
Exploits0Affected Software1
Gentoo Linux
Gentoo Linux
added 2026/01/26 12:0 a.m.11 views

Commons-BeanUtils: Arbitary Code Execution

Background Commons-beanutils provides easy-to-use wrappers around Reflection and Introspection APIs Description Multiple vulnerabilities have been discovered in Commons-BeanUtils. Please review the CVE identifiers referenced below for details. Impact A special BeanIntrospector class was added in...

8.8CVSS5.8AI score0.01495EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/26 12:0 a.m.4 views

GLSA-202601-05 : Commons-BeanUtils: Arbitary Code Execution

The remote host is affected by the vulnerability described in GLSA-202601-05 Commons-BeanUtils: Arbitary Code Execution Multiple vulnerabilities have been discovered in Commons-BeanUtils. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding descripti...

8.8CVSS5.9AI score0.01495EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/25 11:57 a.m.8 views

Security Bulletin: Multiple vulnerabilities in IBM® Db2® affect IBM® Db2® Big SQL.

Summary Multiple vulnerabilities in IBM® Db2® affect IBM® Db2® Big SQL 7 on Cloud Pak for Data 4.8 and earlier Vulnerability Details CVEID:CVE-2023-45853 DESCRIPTION: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long...

9.8CVSS8AI score0.02918EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/23 1:29 p.m.12 views

Security Bulletin: Vulnerabilities in Apache Commons Lang affect IBM® Db2® Big SQL on IBM Cloud Pak for Data.

Summary Vulnerabilities in Apache Commons Lang affect IBM® Db2® Big SQL 8.2.1 on IBM Cloud Pak for Data 5.2.1 and earlier. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

5.3CVSS5.7AI score0.02164EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.4 views

Oracle Business Intelligence Enterprise Edition (12.2.1.4) (January 2026 CPU)

The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component...

7.5CVSS6.8AI score0.02164EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 5:6 a.m.6 views

Security Bulletin: Vulnerabilities in Apache Commons Lang affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Apache Commons Lang has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-48924...

5.3CVSS6.5AI score0.02164EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.9 views

Oracle Business Process Management Suite (14.1.2.0.0) (January 2026 CPU)

The version of Oracle Business Process Management Suite installed on the remote host is affected by a vulnerability, as referenced in the January 2026 CPU advisory: - Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware component: Composer Apache Commo...

9.8CVSS7AI score0.79807EPSS
Exploits7References6
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.39 views

Oracle WebCenter Sites (January 2026 CPU)

The 12.2.1.4.0 and 14.1.2.0.0 versions of WebCenter Sites installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: Core Apache Log4j. The...

7.5CVSS7.1AI score0.99999EPSS
Exploits20References5
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: javapackages-bootstrap (CVE-2024-25710)

The version of javapackages-bootstrap installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25710 advisory. - Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons...

8.1CVSS8.3AI score0.00441EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/21 7:4 p.m.9 views

Security Bulletin: Vulnerabilities in Apache Commons affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Apache Commons has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION:...

8.8CVSS6.9AI score0.01495EPSS
Exploits1Affected Software1
Rows per page
Query Builder