CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

296 matches found

TIBCO JasperReports Library - Directory Traversal

The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for...

9.9CVSS7.2AI score0.93909EPSS

Exploits4References5

Snyk•added 2026/05/20 3:35 p.m.•5 views

Deserialization of Untrusted Data

Overview net.sf.jasperreports:jasperreports is an open source reporting engine for Java. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the ObjectInputStream subclasses. An attacker can achieve remote code execution on the JVM host by sending a specially...

8.8CVSS6.4AI score0.00444EPSS

Exploits0References2

Veracode•added 2026/05/11 10:33 a.m.•7 views

Java Deserialisation

net.sf.jasperreports, jasperreports is vulnerable to Java Deserialization. The vulnerability is due to insecure deserialization of untrusted input, which allows an attacker to remotely execute arbitrary code on systems using the affected library...

9.8CVSS7.5AI score0.00656EPSS

Exploits0References5Affected Software1

IBM Security Bulletins•added 2026/05/04 4:8 p.m.•4 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jasperreports (CVE-2025-10492)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-10492 reported for jasperreports-7.0.2.jar. Vulnerability Details CVEID:CVE-2025-10492 DESCRIPTION: A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied...

9.8CVSS7.3AI score0.00656EPSS

Exploits0Affected Software1