Lucene search
K

4459 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/12/01 9:38 a.m.7 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses commons-lang3-3.17.0.jar which is vulnerable to CVE-2025-48924.

Summary IBM Maximo Application Suite - Monitor Component uses commons-lang3-3.17.0.jar which is vulnerable to CVE-2025-48924. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerabilit...

5.3CVSS6.6AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/01 6:29 a.m.8 views

Security Bulletin: IBM Jazz Reporting Service is affected by improper access control due to Apache Commons

Summary Apache Commons is used internally by IBM Jazz Reporting Service CVE-2025-48734 Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers...

8.8CVSS7.1AI score0.01495EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/28 5:49 a.m.8 views

Security Bulletin: IBM Spectrum Control is vulnerable to weakness related to Apache Commons FileUpload (CVE-2025-48976)

Summary Vulnerability in Apache Commons FileUpload allows denial of service may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. Thi...

7.5CVSS6.5AI score0.63258EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/26 4:35 p.m.4 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service [CVE-2025-48924]

Summary Apache Commons Lang is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationRuntime and IntegrationServer operands are vulnerable to denial of service. This bulletin provides patch information to address the...

5.3CVSS6.4AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/26 3:30 p.m.7 views

Security Bulletin: Apache commons-fileupload CVE-2025-48976 security vulnerability in FileNet Content Manager (FNCM) component Administration Console for Content Platform Engine (ACCE)

Summary Apache commons-fileupload CVE-2025-48976 security vulnerability in FileNet Content Manager FNCM component Administration Console for Content Platform Engine ACCE Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits...

7.5CVSS6.6AI score0.63258EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/26 12:11 p.m.5 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to Uncontrolled Recursion due to Apache Commons Lang ( CVE-2025-48924 )

Summary IBM App Connect Enterprise runtime and IBM Integration Bus for z/OS are vulnerable to Uncontrolled Recursion due to Apache Commons Lang. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons...

5.3CVSS6.5AI score0.02164EPSS
Exploits0Affected Software2
vulnersOsv
vulnersOsv
added 2025/11/25 9:32 p.m.8 views

com.erudika:para-search-elasticsearch (=1.42.0), org.codelibs.fesen.client:fesen-httpclient (>=3.0.0 <=3.2.0) +43 more potentially affected by CVE-2025-9624 via org.opensearch:opensearch-common (>=3.0.0 <=3.2.0)

org.opensearch:opensearch-common MAVEN version =3.0.0, =3.0.0, =15.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0.0, =3.22.0, =3.0.0, =3.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.2 and more Source cves: CVE-2025-9624 Source advisory: OSV:GHSA-MW3V-MMFW-3X2G...

8.3CVSS5.8AI score0.0047EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/21 9:4 a.m.11 views

Security Bulletin: IBM Tivoli Application Dependency Discovery Manager is vulnerable to denial-of-service due to use of Apache Commons File Upload within IBM WebSphere Application Server Liberty

Summary This security bulletin addresses the vulnerabilitiy in IBM Tivoli Application Dependency Discovery Manager due to Apache Commons File Upload used in IBM WebSphere Application Server Liberty that is vulnerable to a denial of service CVE-2025-48976 Vulnerability Details CVEID:CVE-2025-48976...

7.5CVSS6.4AI score0.63258EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/20 2:28 p.m.5 views

Security Bulletin: Astronomer with IBM is vulnerable to uncontrolled recursion due to the Apache Commons Lang package ( CVE-2025-48924)

Summary Apache Commons Lang is used by Astronomer with IBM as part of overall processing. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6...

5.3CVSS6.1AI score0.02164EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.7 views

TencentOS Server 4: bcel (TSSA-2025:0575)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0575 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

9.8CVSS7.5AI score0.02836EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.10 views

TencentOS Server 4: tomcat (TSSA-2025:0623)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0623 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5CVSS7.5AI score0.63258EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.8 views

TencentOS Server 4: apache-commons-beanutils (TSSA-2025:0562)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0562 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

8.8CVSS7AI score0.01495EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.7 views

TencentOS Server 2: apache-commons-beanutils (TSSA-2025:0654)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0654 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

8.8CVSS7AI score0.01495EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.8 views

TencentOS Server 2: apache-commons-vfs (TSSA-2025:0598)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0598 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

7.5CVSS6.7AI score0.01277EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/11/19 12:30 p.m.6 views

dev.savantly.nexus:agents-module (=3.4.0), dev.savantly.nexus:common-types-module (=3.4.0) +156 more potentially affected by CVE-2025-64408 via org.apache.causeway.commons:causeway-commons (>=2.0.0-RC1 <=3.4.0)

org.apache.causeway.commons:causeway-commons MAVEN version =2.0.0-RC1, =3.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.causeway.commons:causeway-commons and may be impacted: - dev.savantly.nexus:agents-module =3.4.0 -...

6.3CVSS5.8AI score0.09442EPSS
Exploits0
GithubExploit
GithubExploit
added 2025/11/19 12:6 p.m.317 views

ysoserial

ysoserial !GitHub releasehttps://img.shields.io/github/do...

7.2AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/19 10:46 a.m.6 views

org.apache.causeway.core:causeway-applib (=4.0.0-M1), org.apache.causeway.core:causeway-core-codegen-bytebuddy (=4.0.0-M1) +107 more potentially affected by CVE-2025-64408 via org.apache.causeway.commons:causeway-commons (=4.0.0-M1)

org.apache.causeway.commons:causeway-commons MAVEN version =4.0.0-M1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.causeway.commons:causeway-commons and may be impacted: - org.apache.causeway.core:causeway-applib =4.0.0-M1 -...

6.3CVSS5.8AI score0.09442EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/19 10:46 a.m.7 views

dev.savantly.nexus:agents-module (=3.4.0), dev.savantly.nexus:common-types-module (=3.4.0) +156 more potentially affected by CVE-2025-64408 via org.apache.causeway.commons:causeway-commons (>=2.0.0-RC1 <=3.4.0)

org.apache.causeway.commons:causeway-commons MAVEN version =2.0.0-RC1, =3.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.causeway.commons:causeway-commons and may be impacted: - dev.savantly.nexus:agents-module =3.4.0 -...

6.3CVSS5.8AI score0.09442EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.8 views

Oracle Application Testing Suite (October 2025 CPU)

The versions of Oracle Application Testing Suite installed on the remote host are affected by a vulnerability as referenced in the October 2025 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps Apache...

7.5CVSS7.2AI score0.63258EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2025/11/17 12:0 a.m.2 views

Mageia: Security Advisory (MGASA-2025-0293)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.8AI score0.02164EPSS
Exploits0References4
Rows per page
Query Builder