CVE-2025-34039

CVE-2025-34039 affects Yonyou UFIDA NC v6.5 and earlier, due to exposure of the BeanShell testing servlet (bsh.servlet.BshServlet) without proper access controls. An unauthenticated remote attacker can exploit the bsh.script parameter to execute arbitrary Java code, potentially running system com...

Security Bulletin: Vulnerability in BeanShell affects IBM Emptoris Strategic Supply Management. (CVE-2016-2510).

Summary A BeanShell vulnerability for handling Java object deserialization was addressed by IBM Emptoris Strategic Supply Management Platform, IBM Contract Management and IBM Program Management products. Vulnerability Details CVEID: CVE-2016-2510 DESCRIPTION: BeanShell could allow a remote attack...

CVE-2016-2510

BeanShell bsh before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler...

USN-2923-1: BeanShell vulnerability

Alvaro Muñoz and Christian Schneider discovered that BeanShell incorrectly handled deserialization. A remote attacker could possibly use this issue to execute arbitrary code...