768 matches found

OSV
added 2018/07/25 3:29 p.m., 2 views

CVE-2017-10934

All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabilities by sending a...

CVSS 9.8, AI score 6.2
Exploits 0, References 1
NVD
added 2018/07/25 3:29 p.m., 19 views

CVE-2017-10934

All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabilities by sending a...

CVSS 9.8, AI score 9.8, EPSS 0.0709
Exploits 0, References 1
CVE
added 2018/07/25 3:0 p.m., 40 views

CVE-2017-10934

This CVE (CVE-2017-10934) affects ZTE ZXIPTV-EPG prior to version 5.09.02.02T4. The issue stems from the Java RMI service using the Apache Commons Collections library, leading to Java deserialization vulnerabilities. An unauthenticated remote attacker could trigger code execution on the target ho...

CVSS 9.8, AI score 9.7, EPSS 0.0709
Exploits 0, References 1, Affected Software 1
0day.today
added 2018/07/10 12:0 a.m., 283 views

Oracle WebLogic 12.1.2.0 RMI Registry UnicastRef Object Java Deserialization Remote Code Execution

Exploit for multiple platform in category web applications !/usr/bin/python -- coding: utf-8 -- from argparse import RawTextHelpFormatter import socket, argparse, subprocess, ssl, os.path HELPMESSAGE = ''' --------------------------------------------------------------------------------------...

CVSS 7.5, AI score 9.2, EPSS 0.91193
Exploits 14
Packet Storm
added 2018/07/09 12:0 a.m., 230 views

Oracle WebLogic 12.1.2.0 Remote Code Execution

!/usr/bin/python -- coding: utf-8 -- from argparse import RawTextHelpFormatter import socket, argparse, subprocess, ssl, os.path HELPMESSAGE = ''' -------------------------------------------------------------------------------------- Developped by bobsecq: [email protected]...

CVSS 7.5, AI score 9.5, EPSS 0.91193
Exploits 14
Exploit DB
added 2018/07/07 12:0 a.m., 145 views

Oracle WebLogic 12.1.2.0 - RMI Registry UnicastRef Object Java Deserialization Remote Code Execution

!/usr/bin/python -- coding: utf-8 -- from argparse import RawTextHelpFormatter import socket, argparse, subprocess, ssl, os.path HELPMESSAGE = ''' -------------------------------------------------------------------------------------- Developped by bobsecq: [email protected]...

CVSS 9.8, AI score 7, EPSS 0.91193
Exploits 14
CNVD
added 2018/07/03 12:0 a.m., 3 views

Micro Focus Universal Configuration Management Database Server Cross-Site Request Forgery Vulnerability

Micro Focus Universal Configuration Management Database (UCMDB) is a suite of database software from Micro Focus, UK, that stores, controls and manages software and infrastructure components and their interrelationships. UCMDB Server is one of the server applications. A...

CVSS 8.8, AI score 7.8, EPSS 0.00094
Exploits 0, References 1
CNVD
added 2018/06/19 12:0 a.m., 2 views

Micro Focus Universal Configuration Management Database Browser Cross-Site Request Forgery Vulnerability

Micro Focus Universal Configuration Management Database (UCMDB) is a suite of database software from Micro Focus, UK, that stores, controls and manages software and infrastructure components and their interrelationships. UCMDB Browser is one of the browsers used to access the UCMDB data. UCMDB Brows...

CVSS 8.8, AI score 7.8, EPSS 0.00106
Exploits 0, References 1
IBM Security Bulletins
added 2018/06/18 12:28 a.m., 19 views

Security Bulletin: Apache Commons Collection Java Deserialization Vulnerability in Multiple N series Products

Summary Multiple N series products incorporate the Apache Commons Collection library. Versions of Apache Commons Collection before 3.2.2 and including 4.0 are susceptible to a vulnerability that could be exploited to allow remote attackers to execute arbitrary commands on the system. Multiple N...

CVSS 10, AI score 2.1, EPSS 0.93274
Exploits 10, Affected Software 1
IBM Security Bulletins
added 2018/06/18 12:10 a.m., 19 views

Security Bulletin: Vulnerability in Apache Commons affects IBM Virtualization Engine TS7700 (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Virtualization Engine TS7700. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system,...

CVSS 10, AI score 3.4, EPSS 0.93274
Exploits 10, Affected Software 4
IBM Security Bulletins
added 2018/06/17 3:13 p.m., 25 views

Security Bulletin: Vulnerability in Apache Commons affects IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware and IBM Tivoli Storage FlashCopy Manager for VMware (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware IBM Spectrum Protect for Virtual Environments and the IBM Tivoli Storage FlashCopy Manager for VMware IBM...

CVSS 10, AI score 2.1, EPSS 0.93274
Exploits 10, Affected Software 2
IBM Security Bulletins
added 2018/06/17 3:13 p.m., 35 views

Security Bulletin: Vulnerability in Apache Commons affects IBM Tivoli Composite Application Manager for Application Diagnostics (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Tivoli Composite Application Manager Agent for Application Diagnostics. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker...

CVSS 10, AI score 1.7, EPSS 0.93274
Exploits 10, Affected Software 1
IBM Security Bulletins
added 2018/06/17 3:13 p.m., 31 views

Security Bulletin: Vulnerability in Apache Commons affects IBM Tivoli Composite Application Manager Agent for J2EE (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Tivoli Composite Application Manager Agent for J2EE. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute...

CVSS 10, AI score 1.7, EPSS 0.93274
Exploits 10, Affected Software 1
IBM Security Bulletins
added 2018/06/17 5:8 a.m., 21 views

Security Bulletin: Vulnerability in Spring Framework for Java Deserialization in Rational Test Control Panel in Rational Test Workbench and Rational Test Virtualization Server (CVE-2015-7450)

Summary A Spring Framework vulnerability for handling Java object deserialization was addressed by Rational Test Control Panel in Rational Test Workbench and Rational Test Virtualization Server. This vulnerability does not have its own CVE number, but is linked to CVE-2015-7450. Vulnerability...

CVSS 10, AI score 0.6, EPSS 0.93274
Exploits 10, Affected Software 2
IBM Security Bulletins
added 2018/06/17 5:7 a.m., 34 views

Security Bulletin: Vulnerability in Apache Commons affects IBM Rational Application Developer for WebSphere Software (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Rational Application Developer for WebSphere Software. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute...

CVSS 10, AI score 2, EPSS 0.93274
Exploits 10, Affected Software 2
IBM Security Bulletins
added 2018/06/17 5:7 a.m., 34 views

Security Bulletin: Vulnerability in Apache Commons affects Rational Directory Server Tivoli and Rational Directory Administrator (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by the Apache Software Foundation and incorporated into IBM WebSphere Application Server Liberty fixes. Vulnerability Details IBM Rational Directory Server Tivoli and Rational Directory...

CVSS 10, AI score 0.3, EPSS 0.93274
Exploits 10, Affected Software 1
IBM Security Bulletins
added 2018/06/16 9:38 p.m., 16 views

Security Bulletin: Vulnerability in Apache Commons could affect IBM QRadar SIEM and IBM QRadar Incident Forensics. (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM QRadar SIEM and IBM QRadar Incident Forensics. Vulnerability Details VULNERABILITY DETAILS CVE-ID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker ...

CVSS 10, AI score 2.7, EPSS 0.93274
Exploits 10, Affected Software 1
IBM Security Bulletins
added 2018/06/15 7:4 a.m., 26 views

Security Bulletin: Vulnerability in Apache Commons affects IBM Integration Designer (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Integration Designer. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused ...

CVSS 10, AI score 2.7, EPSS 0.93274
Exploits 10, Affected Software 1
OSV
added 2018/06/11 5:29 p.m., 1 views

CVE-2017-3201

The Java implementation of AMF3 deserializers used in Flamingo amf-serializer by Exadel, version 2.2.0 derives class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an...

CVSS 8.1, AI score 6
Exploits 0, References 4
CNVD
added 2018/05/24 12:0 a.m., 3 views

Citrix XenMobile Server Hazelcast Library Java Deserialization Vulnerability

Citrix XenMobile Server is a mobility management solution. The solution is able to manage mobile devices, set mobile policies and compliance rules, gain insight into mobile network operations, and more. A security vulnerability exists in Citrix XenMobile Server. No detailed vulnerability...

CVSS 8.1, AI score 8.2, EPSS 0.00361
Exploits 0, References 1