Lucene search
K

4459 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/21 7:4 p.m.9 views

Security Bulletin: Vulnerabilities in Apache Commons affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Apache Commons has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION:...

8.8CVSS6.9AI score0.01495EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/21 6:47 p.m.9 views

Security Bulletin: Vulnerabilities in Apache Commons Lang affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Apache Commons Lang has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-48924...

5.3CVSS6.1AI score0.02164EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2026/01/21 7:40 a.m.3 views

Malicious Package

Overview tv-admin-commons is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/21 7:40 a.m.10 views

Malicious code in tv-admin-commons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23c0b8199883c9cf5ea055f98b5f90f8cfb349eceba1b6c4026ef3b94c96872b The package tv-admin-commons was found to contain malicious code. Source: ghsa-malware 0b766afca3bfb069abd800cf6cb59759fc8555cdeb01e8d8e0576d5adaf720...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/21 7:40 a.m.8 views

EUVD-2026-3709

Malicious code in tv-admin-commons npm...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/01/21 7:40 a.m.5 views

MAL-2026-439 Malicious code in tv-admin-commons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23c0b8199883c9cf5ea055f98b5f90f8cfb349eceba1b6c4026ef3b94c96872b The package tv-admin-commons was found to contain malicious code. Source: ghsa-malware 0b766afca3bfb069abd800cf6cb59759fc8555cdeb01e8d8e0576d5adaf720...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 4 : jakarta-commons-collections-3.2.1-3.5.AXS4 (AXSA:2015-832:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-832:01 advisory. The introduction of the Collections API by Sun in JDK 1.2 has been a boon to quick and effective Java programming. Ready access to powerful data structures ha...

10CVSS7AI score0.83274EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 4 : jakarta-commons-httpclient-3.1-0.9.AXS4 (AXSA:2014-529:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-529:01 advisory. Description: The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled applianc...

5.8CVSS6.4AI score0.09149EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 3 : jakarta-commons-httpclient-3.0-7jpp.4.AXS3 (AXSA:2014-519:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-519:01 advisory. Description : The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled...

5.8CVSS6.4AI score0.09149EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : jakarta-commons-httpclient-3.1-0.7.AXS4 (AXSA:2013-313:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-313:01 advisory. The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the...

5.8CVSS7.1AI score0.09254EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.10 views

MiracleLinux 7 : apache-commons-collections-3.2.1-22.el7 (AXSA:2015-834:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-834:01 advisory. The introduction of the Collections API by Sun in JDK 1.2 has been a boon to quick and effective Java programming. Ready access to powerful data structures ha...

10CVSS7AI score0.83274EPSS
Exploits8References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/14 6:56 p.m.13 views

Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to Deserialization of Untrusted Data due to Apache Commons Collections (CVE-2015-6420)

Summary Apache Commons Collections is shipped with IBM Tivoli Business Service Manager as part of its backend process to enhance Java operations. Information about a security vulnerability affecting Apache Commons Collections has been published in a security bulletin. Vulnerability Details...

9.8CVSS8.1AI score0.18763EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/13 9:35 a.m.8 views

Security Bulletin: Due to use of Apache Commons Text, IBM Operations Analytics - Log Analysis is affected by Remote Code Execution Attacks

Summary Apache Commons Text in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of the string manipulation and interpolation. CVE-2025-46295. Vulnerability Details CVEID:CVE-2025-46295 DESCRIPTION: Apache Commons Text versions prior to 1.10.0 included interpolation features...

9.8CVSS7.9AI score0.00919EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/12 4:28 p.m.5 views

Security Bulletin: Uncontrolled Resource Consumption Vulnerability in Apache Commons IO XmlStreamReader, affects watsonx.data

Summary Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended ...

4.3CVSS6.6AI score0.01249EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/09 3:21 p.m.10 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by an improper input validation due to Apache Commons HttpClient

Summary Apache Commons HttpClient is used by IBM Operations Analytics - Log Analysis as part of the standards-based Java library for executing HTTP requests. CVE-2012-6153, CVE-2012-5783. Vulnerability Details CVEID:CVE-2012-6153 DESCRIPTION: http/conn/ssl/AbstractVerifier.java in Apache Commons...

5.8CVSS6.6AI score0.09254EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:30 a.m.7 views

CVE-2023-29506

XWiki Commons are technical libraries common to several other top level XWiki projects. It was possible to inject some code using the URL of authenticated endpoints. This problem has been patched on XWiki 13.10.11, 14.4.7 and 14.10...

6.1CVSS6.8AI score0.01721EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.8 views

CVE-2023-29210

XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights on commonly accessible documents including the notification preferences macros can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki...

9.9CVSS7.5AI score0.01193EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.8 views

CVE-2023-29205

XWiki Commons are technical libraries common to several other top level XWiki projects. The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attack. This can be...

9.9CVSS5.7AI score0.00588EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.8 views

CVE-2023-29201

XWiki Commons are technical libraries common to several other top level XWiki projects. The "restricted" mode of the HTML cleaner in XWiki, introduced in version 4.2-milestone-1, only escaped...

9CVSS6.6AI score0.01153EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.9 views

CVE-2023-29507

XWiki Commons are technical libraries common to several other top level XWiki projects. The Document script API returns directly a DocumentAuthors allowing to set any authors to the document, which in consequence can allow subsequent executions of scripts since this author is used for checking...

9.1CVSS6.7AI score0.00899EPSS
Exploits0References1
Rows per page
Query Builder