CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

299 matches found

TIBCO JasperReports Library - Directory Traversal

The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for...

9.9CVSS7AI score0.79836EPSS

Exploits4References5

vulnersOsv•added 2026/05/20 3:35 p.m.•5 views

africa.absa:inception-reporting (>=1.0.0 <=1.2.0), africa.absa:inception-reporting-api (>=1.0.0 <=1.2.0) +427 more potentially affected by CVE-2026-6009 via net.sf.jasperreports:jasperreports (>=3.7.0 <=7.0.7)

net.sf.jasperreports:jasperreports MAVEN version =3.7.0, =1.0.0, =1.0.0, =4.0.4, =1.0.0, =1.0.7, =2.1.0, =2.1.0, =0.0.1, =0.0.1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =25.11.0 and more Source cves: CVE-2026-6009 Source advisory: SNYK:JAVA-NETSFJASPERREPORTS-16787146...

8.7CVSS5.4AI score0.00476EPSS

Exploits0

Snyk•added 2026/05/20 3:35 p.m.•9 views

Deserialization of Untrusted Data

Overview net.sf.jasperreports:jasperreports is an open source reporting engine for Java. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the ObjectInputStream subclasses. An attacker can achieve remote code execution on the JVM host by sending a specially...

8.8CVSS6.3AI score0.00476EPSS

Exploits0References2

Veracode•added 2026/05/11 10:33 a.m.•11 views

Java Deserialisation

net.sf.jasperreports, jasperreports is vulnerable to Java Deserialization. The vulnerability is due to insecure deserialization of untrusted input, which allows an attacker to remotely execute arbitrary code on systems using the affected library...

9.8CVSS7.5AI score0.00876EPSS

Exploits0References6Affected Software1

IBM Security Bulletins•added 2026/05/04 4:8 p.m.•6 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jasperreports (CVE-2025-10492)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-10492 reported for jasperreports-7.0.2.jar. Vulnerability Details CVEID:CVE-2025-10492 DESCRIPTION: A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied...

9.8CVSS7.3AI score0.00876EPSS

Exploits0Affected Software1