
2994 matches found

IBM Security Bulletins
added 2024/04/04 5:47 p.m. | 40 views

Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to a denial of service due to Apache Commons Compress (CVE-2024-25710, CVE-2024-26308)

Summary: Apache Commons Compress is shipped with IBM Tivoli Netcool Impact as part of its server communication infrastructure. Information about security vulnerabilities affecting Apache Commons Compress has been published in a security bulletin. Vulnerability Details: CVEID: CVE-2024-25710...

CVSS 8.1 | AI score 7 | EPSS 0.00898
Exploits 0 | Affected Software 1

RedHat Linux
added 2024/04/03 10:53 a.m. | 41 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.2.11 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

CVSS 10 | AI score 7 | EPSS 0.0481
Exploits 0 | References 16

OpenVAS
added 2024/04/03 12:00 a.m. | 19 views

Fedora: Security Advisory (FEDORA-2024-fa7b758114)

The remote host is missing an update for the... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 7.3 | AI score 7.4 | EPSS 0.02054
Exploits 0 | References 8

OpenVAS
added 2024/04/03 12:00 a.m. | 24 views

Fedora: Security Advisory (FEDORA-2024-c673517dce)

The remote host is missing an update for the... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 7.3 | AI score 7.4 | EPSS 0.02054
Exploits 0 | References 8

IBM Security Bulletins
added 2024/04/02 10:47 a.m. | 39 views

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.1 addresses multiple existing security vulnerabilities

Summary: IBM Cloud Pak for Network Automation 2.7.1 addresses multiple security vulnerabilities, listed in the CVEs below. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2024-24680 DESCRIPTION: Django is vulnerable to a denial of service,...

CVSS 9.8 | AI score 8.2 | EPSS 0.32257
Exploits 4 | Affected Software 1

Tenable Nessus
added 2024/04/02 12:00 a.m. | 280 views

Oracle Enterprise Manager Agent (January 2023 CPU)

The 13.4.0.0 and 13.5.0.0 versions of Enterprise Manager Base Platform installed on the remote host are affected by a vulnerability as referenced in the January 2023 CPU advisory. - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Management...

CVSS 9.8 | AI score 8.7 | EPSS 0.99931
Exploits 41 | References 3

BDU FSTEC
added 2024/04/01 12:00 a.m. | 5 views

The vulnerability of the ListDelimiterHandler.flatten function in the Apache Commons Configuration library allows an attacker to execute arbitrary code.

The vulnerability of the ListDelimiterHandler.flatten function in the Apache Commons Configuration library is related to memory buffer overflows. Exploitation of this vulnerability could allow an attacker to execute arbitrary code using specially created data...

CVSS 10 | AI score 7.2 | EPSS 0.01727
Exploits 0 | References 10 | Affected Software 3

BDU FSTEC
added 2024/04/01 12:00 a.m. | 4 views

The vulnerability of the AbstractListDelimiterHandler.flattenIterator() function in the Apache Commons Configuration library allows a hacker to execute arbitrary code.

The vulnerability of the AbstractListDelimiterHandler.flattenIterator function in the Apache Commons Configuration library is related to memory overflow beyond buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially created data...

CVSS 10 | AI score 7.2 | EPSS 0.02054
Exploits 0 | References 11 | Affected Software 3

Tenable Nessus
added 2024/03/30 12:00 a.m. | 32 views

Fedora 39 : apache-commons-configuration (2024-fa7b758114)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-fa7b758114 advisory. This update contains security fixes for CVE-2024-29131 and CVE-2024-29133. See...

CVSS 7.3 | AI score 6.5 | EPSS 0.02054
Exploits 0 | References 3

Fedora
added 2024/03/29 4:11 a.m. | 52 views

[SECURITY] Fedora 40 Update: apache-commons-configuration-2.10.1-1.fc40

The Commons Configuration software library provides a generic configuration interface which enables a Java application to read configuration data from a variety of sources. Commons Configuration provides typed access to single, and multi-valued configuration parameters as demonstrated by the...

CVSS 7.3 | AI score 5.9 | EPSS 0.02054
Exploits 0

IBM Security Bulletins
added 2024/03/28 5:47 p.m. | 33 views

Security Bulletin: IBM Automation Decision Services - March 2024 - CVE-2024-26308, CVE-2024-25710

Summary: IBM Automation Decision Services is vulnerable to denial of service attacks in third party and open source used in the product for various functions. See full list below. This vulnerability has been addressed. Vulnerability Details: CVEID: CVE-2024-26308 DESCRIPTION: Apache Commons Compress...

CVSS 8.1 | AI score 6.5 | EPSS 0.00898
Exploits 0 | Affected Software 1

RedHat Linux
added 2024/03/26 11:15 a.m. | 4 views

commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

A loop with an unreachable exit condition (Infinite Loop) vulnerability was found in Apache Commons Compress. This issue can lead to a denial of service...

CVSS 8.1 | AI score 6.8 | EPSS 0.00441
Exploits 0 | References 6

CNVD
added 2024/03/26 12:00 a.m. | 36 views

Apache Commons Configuration Out-of-Bounds Write Vulnerability (CNVD-2024-16109)

Apache Commons Configuration is a common configuration interface from the United States Apache Foundation, mainly used to enable Java applications to read configuration data from a variety of sources. An out-of-bounds write vulnerability exists in Apache Commons Configuration versions...

CVSS 5.4 | AI score 7.6 | EPSS 0.01727
Exploits 0 | References 1

CNVD
added 2024/03/26 12:00 a.m. | 62 views

Apache Commons Configuration Out-of-Bounds Write Vulnerability

Apache Commons Configuration is a common configuration interface from the United States Apache Foundation, mainly used to enable Java applications to read configuration data from a variety of sources. An out-of-bounds write vulnerability exists in Apache Commons Configuration versions...

CVSS 7.3 | AI score 7.6 | EPSS 0.02054
Exploits 0 | References 1

Veracode
added 2024/03/22 6:49 a.m. | 27 views

Out-of-Bounds Write

Apache Commons Configuration is vulnerable to Out-of-Bounds Write. The vulnerability is due to improper iterator handling within the AbstractListDelimiterHandler.flattenIterator method, which can result in Denial of Service if crafted input is passed to the method...

CVSS 7.3 | AI score 6.7 | EPSS 0.02054
Exploits 0 | References 7 | Affected Software 1

Veracode
added 2024/03/22 5:11 a.m. | 40 views

Out-of-Bounds Write

Apache Commons Configuration is vulnerable to Out-of-Bounds Write. The vulnerability is due to improper handling of a cyclical object tree, which can trigger a StackOverflowError when the ListDelimiterHandler.flatten method is called. This occurs because the method recursively traverses the objec...

CVSS 5.4 | AI score 6.7 | EPSS 0.01727
Exploits 0 | References 6 | Affected Software 1

SUSE CVE
added 2024/03/22 4:17 a.m. | 2 views

SUSE CVE-2024-29131

Out-of-bounds Write vulnerability in Apache Commons Configuration. This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue...

CVSS 4.4 | AI score 7.9 | EPSS 0.02054
Exploits 0 | References 5

SUSE CVE
added 2024/03/22 4:17 a.m. | 2 views

SUSE CVE-2024-29133

Out-of-bounds Write vulnerability in Apache Commons Configuration. This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue...

CVSS 4.4 | AI score 7.9 | EPSS 0.01727
Exploits 0 | References 5

RedhatCVE
added 2024/03/21 12:16 p.m. | 82 views

CVE-2024-29131

A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator. This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting malicious property that...

CVSS 4.4 | AI score 7 | EPSS 0.02054
Exploits 0 | References 6

RedhatCVE
added 2024/03/21 12:16 p.m. | 43 views

CVE-2024-29133

A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a...

CVSS 4.4 | AI score 6.2 | EPSS 0.01727
Exploits 0 | References 5