CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

Tenable Nessus•added 2025/11/20 12:0 a.m.•6 views

TencentOS Server 4: apache-commons-beanutils (TSSA-2025:0562)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0562 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

8.8CVSS7AI score0.00258EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-0465

Malware in sbrugna...

7.5CVSS6.7AI score0.01215EPSS

Exploits1References112

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-16219

Malicious code in bioql PyPI...

8.8CVSS6.2AI score0.00258EPSS

Exploits1References4

IBM Security Bulletins•added 2025/09/29 9:54 p.m.•10 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons (CVE-2025-48734)

Summary A vulnerability in Apache Commons that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used...

8.8CVSS7.1AI score0.00258EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/07/02 3:26 p.m.•10 views

Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to improper access control due to Apache Commons BeanUtils (CVE-2025-23184)

Summary Apache Commons BeanUtils is shipped with IBM Tivoli Business Service Manager as part of its backend process to handle Java Beans. Information about a security vulnerability affecting Apache Commons BeanUtils has been published in a security bulletin. Vulnerability Details...

8.8CVSS6.8AI score0.00258EPSS

Exploits1Affected Software1

Tenable Nessus•added 2025/06/23 12:0 a.m.•4 views

Amazon Linux 2023 : javapackages-bootstrap (ALAS2023-2025-1027)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1027 advisory. Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java...

8.8CVSS7AI score0.00258EPSS

Exploits1References4

OSV•added 2025/05/28 3:34 p.m.•4 views

GHSA-WXR5-93PH-8WR9 Apache Commons Improper Access Control vulnerability

Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not enabled by default...

8.8CVSS8AI score0.00258EPSS

Exploits1References6

Github Security Blog•added 2025/05/28 3:34 p.m.•20 views

Apache Commons Improper Access Control vulnerability

8.8CVSS7.7AI score0.00258EPSS

Exploits1References6Affected Software2

NVD•added 2025/05/28 2:15 p.m.•24 views

CVE-2025-48734

8.8CVSS0.00258EPSS

Exploits1References3

OSV•added 2025/05/28 2:15 p.m.•4 views

CVE-2025-48734

8.8CVSS8AI score

Exploits0References3

Cvelist•added 2025/05/28 1:32 p.m.•464 views

CVE-2025-48734 Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

0.00258EPSS

Exploits1References1

SUSE CVE•added 2023/02/15 4:13 a.m.•2 views

SUSE CVE-2019-10086

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean...

7.3CVSS9.1AI score0.01215EPSS

Exploits1References7

OSV•added 2020/06/15 8:36 p.m.•2 views

GHSA-6PHF-73Q6-GH87 Insecure Deserialization in Apache Commons Beanutils

7.3CVSS6.8AI score0.01215EPSS

Exploits1References57

BDU FSTEC•added 2020/03/13 12:0 a.m.•0 views

The vulnerability of the BeanIntrospector class in the Apache Commons Beanutils utility allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the BeanIntrospector class in the Apache Commons Beanutils utility is related to the reallocation of memory for unreliable data structures. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

7.5CVSS0.01215EPSS

Exploits1References9Affected Software13

Amazon•added 2020/02/17 12:0 a.m.•92 views

Important: apache-commons-beanutils

Issue Overview: In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the...

7.5CVSS7.4AI score0.01215EPSS

Exploits1

OSV•added 2019/08/20 9:15 p.m.•2 views

DEBIAN-CVE-2019-10086

7.3CVSS6.8AI score0.01215EPSS

Exploits1References1

OSV•added 2019/08/20 9:15 p.m.•0 views

UBUNTU-CVE-2019-10086

7.3CVSS6.7AI score0.01215EPSS

Exploits1References6

UbuntuCve•added 2019/08/20 9:15 p.m.•51 views

CVE-2019-10086

7.5CVSS6.8AI score0.01215EPSS

Exploits1References5

Prion•added 2019/08/20 9:15 p.m.•29 views

Default configuration

7.5CVSS8.2AI score0.01215EPSS

Exploits1References55Affected Software60

Positive Technologies•added 2019/08/20 12:0 a.m.•8 views

PT-2019-4682 · Apache +6 · Apache Commons Beanutils +6

Name of the Vulnerable Software and Affected Versions: Apache Commons Beanutils versions prior to 1.9.2 Description: The issue is related to the BeanIntrospector class in Apache Commons Beanutils, which can lead to the restoration of untrusted data structures in memory. This can allow a remote...

9.8CVSS6.9AI score0.92947EPSS

Exploits22References161

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by