Lucene search
K

4459 matches found

OpenVAS
OpenVAS
added 2025/11/17 12:0 a.m.5 views

Mageia: Security Advisory (MGASA-2025-0299)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.8AI score0.01495EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2025/11/17 12:0 a.m.6 views

Mageia: Security Advisory (MGASA-2025-0296)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.63258EPSS
Exploits1References5
OSV
OSV
added 2025/11/15 7:52 p.m.8 views

MGASA-2025-0299 Updated apache-commons-beanutils packages fix security vulnerability

Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default. CVE-2025-48734...

8.8CVSS6.5AI score0.01495EPSS
Exploits1References3
OSV
OSV
added 2025/11/15 7:11 a.m.4 views

MGASA-2025-0293 Updated apache-commons-lang3 & apache-commons-lang packages fix security vulnerability

Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass... can throw a StackOverflowError on very long inputs. CVE-2025-48924...

5.3CVSS6.9AI score0.02164EPSS
Exploits0References3
OSV
OSV
added 2025/11/15 7:11 a.m.8 views

MGASA-2025-0296 Updated apache-commons-fileupload packages fix security vulnerability

Apache Commons FileUpload: FileUpload DoS via part headers. CVE-2025-48976...

7.5CVSS6.9AI score0.63258EPSS
Exploits1References4
Mageia
Mageia
added 2025/11/15 7:11 a.m.6 views

Updated apache-commons-lang3 & apache-commons-lang packages fix security vulnerability

Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass... can throw a StackOverflowError on very long inputs. CVE-2025-48924...

5.3CVSS6.5AI score0.02164EPSS
Exploits0References2
Atlassian
Atlassian
added 2025/11/14 2:31 a.m.19 views

DoS (Denial of Service) Third-Party Dependency in Jira Service Management Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 5.10.0, 5.11.0, 5.12.0, 5.13.0, 5.14.0, 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.0, 11.0.0 and and 11.1.0 of Jira Service Management Data Center and Server. This...

7.5CVSS6.9AI score0.63258EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/13 4:27 a.m.4 views

Security Bulletin: IBM Storage Insights is vulnerable to weakness related to Apache Commons Lang

Summary Vulnerabilities in Apache Commons Lang may affect IBM Storage Insights which could allow uncontrolled recursion. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

5.3CVSS6.1AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/10 11:24 a.m.4 views

Security Bulletin: IBM Jazz Reporting Service is vulnerable to uncontrolled resource consumption in Apache Commons IO.

Summary A vulnerability has been identified in the Apache Commons IO library. This issue affects IBM® Jazz Reporting Service and has been addressed as documented in the Remediation section CVE-2024-47554. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption...

4.3CVSS6.7AI score0.01249EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/10 7:12 a.m.6 views

Security Bulletin: WebSphere Application Server Liberty is affected by a denial of service due to Apache Commons FileUpload ( CVE-2025-48976)

Summary WebSphere Application Server Liberty is affected by a denial of service due to Apache Commons FileUpload CVE-2025-48976 Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache...

7.5CVSS6.7AI score0.63258EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/07 9:42 a.m.11 views

Security Bulletin: IBM Maximo Application Suite uses eventlet-0.40.1-py3-none-any.whl, commons-lang3-3.17.0.jar, net/http/internal 1.23.4 which is vulnerable to CVE-2025-58068, CVE-2025-48924, CVE-2025-22871

Summary IBM Maximo Application Suite uses eventlet-0.40.1-py3-none-any.whl, commons-lang3-3.17.0.jar, net/http/internal 1.23.4 which is vulnerable to CVE-2025-58068, CVE-2025-48924, CVE-2025-22871. This bulletin contains information regarding the vulnerability and how it is addressed. Vulnerabili...

9.1CVSS7.3AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/06 10:56 a.m.4 views

Security Bulletin: Due to use of Apache Commons Lang, IBM Engineering Systems Design Rhapsody is affected by an Uncontrolled Recursion vulnerability

Summary Apache Commons Lang is used internally by IBM Engineering Systems Design Rhapsody CVE-2025-48924 Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

5.3CVSS6.6AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/31 7:39 p.m.5 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in IBM® WebSphere Application Server Liberty that is used by IBM InfoSphere Information Server. These are addressed. Vulnerability Details CVEID:CVE-2025-36047 DESCRIPTION: IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable ...

7.5CVSS7AI score0.63258EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/31 7:8 p.m.18 views

Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities

Summary IBM Guardium Data Security Center has addressed these vulnerabilties with an update. Vulnerability Details CVEID:CVE-2025-41249 DESCRIPTION: The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized...

7.5CVSS7.2AI score0.02164EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/31 11:20 a.m.7 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationRuntime and IntegrationServer operands are vulnerable to improper access control [CVE-2025-48734]

Summary Apache Commons Beanutils is used by IBM App Connect Enterprise Certified Container when using MQ FTE. IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationRuntime and IntegrationServer operands that run flows that use MQ FTE are vulnerable to improper access contro...

8.8CVSS7AI score0.01495EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/29 6:25 p.m.4 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to uncontrolled recursion due to the Apache Commons Lang package (CVE-2025-48924)

Summary Apache Commons Lang is used by DataStage on Cloud Pak for Data as part of API processing functionality. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

5.3CVSS6.7AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/28 11:23 a.m.10 views

Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.

Summary Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

7.5CVSS6.4AI score0.63258EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/28 11:18 a.m.4 views

Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.

Summary Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

7.5CVSS6.4AI score0.63258EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/24 5:27 p.m.17 views

Security Bulletin: Multiple Vulnerabilities affect IBM Tivoli Netcool Impact

Summary Multiple vulnerabilities were addressed in IBM Tivoli Netcool Impact version 7.1.0.37 Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop...

8.8CVSS8.4AI score0.08594EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/24 3:45 p.m.12 views

Security Bulletin: Vulnerability Werkzeug, Twisted-22.10.0-py3, requests-2.32.2-py3, commons-lang-2.6, commons-fileupload-1.5, urllib3-2.2.2, jetty-server-9.4.56.v20240826 affect IBM Cloud Object Storage Systems (Oct 2025)

Summary Vulnerability with Werkzeug CVE-2024-34069, CVE-2023-46136 ,CVE-2024-49767, CVE-2024-49766 Twisted-22.10.0-py3 CVE-2024-41810, CVE-2023-46137, CVE-2024-41671, requests-2.32.2-py3 CVE-2024-47081, urllib3-2.2.2 CVE-2025-50182,CVE-2025-501810 commons-lang-2.6CVE-2025-48924,...

8.3CVSS7.5AI score0.03397EPSS
Exploits2Affected Software1
Rows per page
Query Builder