Lucene search
K

326 matches found

RedHat Linux
RedHat Linux
added 2025/09/15 2:44 p.m.10 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8CVSS7.6AI score0.01548EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2025/09/15 2:44 p.m.6 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8CVSS7.6AI score0.01548EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2025/09/15 12:0 a.m.6 views

RHEL 9 : Red Hat Product OCP Tools 4.18 OpenShift Jenkins (RHSA-2025:15810)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15810 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron...

8.8CVSS6.6AI score0.01548EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/02 2:31 p.m.9 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to improper access control due to the Apache Commons package (CVE-2025-48734)

Summary Apache Commons is used by DataStage on Cloud Pak for Data as part of Java utility functionality. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used t...

8.8CVSS7.2AI score0.01548EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/26 5:49 p.m.6 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in commons-beanutils-1.9.4.jar

Summary IBM Watson Discovery Cartridge contains a vulnerable version of commons-beanutils-1.9.4.jar Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to sto...

8.8CVSS8.1AI score0.01548EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/23 11:5 a.m.6 views

Security Bulletin: SPSS Collaboration and Deployment Services is affected by vulnerability in Apache Commons ( CVE-2025-48734).

Summary SPSS Collaboration and Deployment Services is affected by vulnerability in Apache Commons CVE-2025-48734. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special...

8.8CVSS8.1AI score0.01548EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2025/08/06 4:17 p.m.6 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8CVSS7.6AI score0.01548EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2025/08/01 5:42 p.m.4 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8CVSS7.6AI score0.01548EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2025/07/30 12:0 a.m.6 views

RockyLinux 8 : javapackages-tools:201801 (RLSA-2025:9318)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:9318 advisory. apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default CVE-2019-10086 commons-beanutils: Apache Commons...

8.8CVSS6.8AI score0.28839EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2025/07/30 12:0 a.m.8 views

Oracle Linux 7 : apache-commons-beanutils (ELSA-2025-10814)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-10814 advisory. - Add SuppressPropertiesBeanIntrospector.SUPPRESSDECLARINGCLASS Orabug: 38176946CVE-2025-48734 - Fix CVE-2014-0114 - Fix CVE-2019-10086 - Resolves: CVE-2013-15...

8.8CVSS6.7AI score0.96121EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2025/07/23 12:0 a.m.6 views

Oracle Identity Manager (July 2025 CPU)

The 12.2.1.4.0 versions of Identity Manager installed on the remote host are affected by a vulnerability as referenced in the July 2025 CPU advisory. - Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware component: Core Apache Commons BeanUtils. The supported version...

8.8CVSS6.4AI score0.01548EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/07/18 12:0 a.m.5 views

Oracle Application Testing Suite (July 2025 CPU)

The versions of Oracle Application Testing Suite installed on the remote host are affected by a vulnerability as referenced in the July 2025 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps Apache Commo...

8.8CVSS6.4AI score0.01548EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/07/18 12:0 a.m.6 views

Oracle Primavera Unifier (July 2025 CPU)

The versions of Primavera Unifier installed on the remote host are affected by a vulnerability as referenced in the July 2025 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Platform Apache Commons BeanUtils. Supported versions that...

8.8CVSS6.9AI score0.01548EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2025/07/14 4:21 p.m.5 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8CVSS7.6AI score0.01548EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2025/07/14 3:56 p.m.6 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8CVSS7.6AI score0.01548EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2025/07/14 3:56 p.m.5 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8CVSS7.6AI score0.01548EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2025/07/14 3:55 p.m.5 views

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

8.8CVSS7.6AI score0.01548EPSS
Exploits1References8
OSV
OSV
added 2025/07/11 10:6 a.m.6 views

RHSA-2025:10814 Red Hat Security Advisory: apache-commons-beanutils security update

Bulletin has no description...

8.8CVSS7.2AI score0.01548EPSS
Exploits1References11
BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.5 views

The vulnerability of the PropertyUtilsBean class in the Apache Commons Beanutils utility allows a hacker to execute arbitrary code.

The vulnerability of the PropertyUtilsBean utility in the Apache Commons Beanutils library is related to deficiencies in access control to the class loader. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...

9CVSS7AI score0.01548EPSS
Exploits1References7Affected Software18
RedHat Linux
RedHat Linux
added 2025/07/10 4:19 p.m.6 views

Important: Red Hat Security Advisory: apache-commons-beanutils security update

An update for apache-commons-beanutils is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

8.8CVSS6.7AI score0.01548EPSS
Exploits1References2
Rows per page
Query Builder