CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

348 matches found

Tenable Nessus•added 2018/12/28 12:0 a.m.•33 views

Oracle Business Intelligence Publisher Multiple Vulnerabilities (April 2018 CPU)

The version of Oracle Business Intelligence Publisher running on the remote host is 11.1.1.7.x prior to 11.1.1.7.180417 or 11.1.1.9.x prior to 11.1.1.9.180417, similarly, versions 12.2.1.2.x prior to 12.2.1.2.180116 and 12.2.1.3.x prior to 12.2.1.3.180116 are affected as noted in the April 2018...

10CVSS7.3AI score0.83274EPSS

Exploits8References3

Github Security Blog•added 2018/10/16 11:13 p.m.•54 views

Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks

Apache Camel's camel-jackson and camel-jacksonxml components are vulnerable to Java object de-serialisation vulnerability. Camel allows to specify such a type through the 'CamelJacksonUnmarshalType' property. De-serializing untrusted data can lead to security flaws as demonstrated in various...

9.8CVSS9.5AI score0.10604EPSS

Exploits1References23Affected Software1

OSV•added 2018/10/16 11:10 p.m.•1 views

GHSA-GV5F-CJW9-5VXG Camel-xstream component in Apache Camel can allow remote attackers to execute arbitrary commands

The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request...

9.8CVSS7.5AI score0.0712EPSS

Exploits0References17

Github Security Blog•added 2018/10/16 5:21 p.m.•46 views

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization. De-serializing untrusted data can lead to security flaws...

9.8CVSS2.1AI score0.06286EPSS

Exploits0References17Affected Software1

IBM Security Bulletins•added 2018/08/03 4:23 a.m.•36 views

Security Bulletin: Vulnerability in Apache Commons affects Rational Developer for i, Rational Developer for AIX and Linux and Rational Developer for Power Systems Software (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by Rational Developer for i, Rational Developer for AIX and Linux and Rational Developer for Power Systems Software. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons...

10CVSS1.8AI score0.97655EPSS

Exploits10Affected Software3

RedHat Linux•added 2018/07/31 5:50 p.m.•4 views

xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag

A flaw was discovered in the Apache XML-RPC ws-xmlrpc library that deserializes untrusted data when enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in a element...

9.8CVSS6.2AI score0.15272EPSS

Exploits1References4

Amazon•added 2018/06/20 12:0 a.m.•26 views

Important: xmlrpc

Issue Overview: A flaw was discovered in the Apache XML-RPC ws-xmlrpc library that deserializes untrusted data when enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in a element.CVE-2016-5003...

9.8CVSS9.8AI score0.15272EPSS

Exploits1

IBM Security Bulletins•added 2018/06/18 1:32 a.m.•38 views

Security Bulletin: A vulnerability in Apache Commons affects IBM Flex System Manager(FSM) (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by FSM. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by the deserializatio...

10CVSS2.5AI score0.97655EPSS

Exploits10Affected Software1

IBM Security Bulletins•added 2018/06/18 1:30 a.m.•27 views

Security Bulletin: An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, and Platform HPC.

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, and Platform HPC. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons...

10CVSS0.6AI score0.97655EPSS

Exploits10Affected Software1

IBM Security Bulletins•added 2018/06/17 10:32 p.m.•21 views

Security Bulletin: Vulnerability in Apache Commons affects IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise, and products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise, and products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Vulnerability Details IBM Business Proce...

10CVSS0.8AI score0.97655EPSS

Exploits10Affected Software1

IBM Security Bulletins•added 2018/06/17 10:32 p.m.•46 views

Security Bulletin: Vulnerabilities in Apache Commons Collections and Apache Groovy affects IBM UrbanCode Build (CVE-2015-7450, CVE-2015-3253)

Summary Apache Commons Collections and Apache Groovy vulnerabilities for handling Java object deserialization were addressed by IBM UrbanCode Build Vulnerability Details CVE-ID: CVE-2015-7450 Description: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the...

10CVSS2.2AI score0.97655EPSS

Exploits14Affected Software1

IBM Security Bulletins•added 2018/06/17 3:13 p.m.•64 views

Security Bulletin: Vulnerability in Apache Commons affects IBM Tivoli Composite Application Manager Agent for WebSphere Applications (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Tivoli Composite Application Manager Agent for WebSphere Applications. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker...

10CVSS1.7AI score0.97655EPSS

Exploits10Affected Software1

IBM Security Bulletins•added 2018/06/17 3:13 p.m.•30 views

Security Bulletin: Vulnerability in Apache Commons affects Tivoli Network Manager Transmission Edition (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by Tivoli Network Manager Transmission Edition. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on...

10CVSS1.5AI score0.97655EPSS

Exploits10Affected Software1

IBM Security Bulletins•added 2018/06/17 1:6 p.m.•34 views

Security Bulletin: Vulnerability in Apache Commons affects Watson Explorer and Watson Content Analytics (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by Watson Explorer and Watson Content Analytics. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on...

10CVSS0.8AI score0.97655EPSS

Exploits10Affected Software2

IBM Security Bulletins•added 2018/06/17 12:13 p.m.•40 views

Security Bulletin: Vulnerability in Apache Commons affects IBM Content Navigator (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Content Navigator. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by...

10CVSS3.7AI score0.97655EPSS

Exploits10Affected Software1

IBM Security Bulletins•added 2018/06/17 12:13 p.m.•34 views

Security Bulletin:Vulnerability in Apache Commons affects IBM Content Collector (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Content Collector. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by...

10CVSS2AI score0.97655EPSS

Exploits10Affected Software1

IBM Security Bulletins•added 2018/06/17 12:13 p.m.•30 views

Security Bulletin: Vulnerability in Apache Commons (CVE-2015-7450), affects FileNet Content Manager and IBM Content Foundation

Summary An Apache Commons Collections vulnerability for handling Java object deserialization is addressed in the FileNet Content Manager and IBM Content Foundation products. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute...

10CVSS1.7AI score0.97655EPSS

Exploits10Affected Software2

IBM Security Bulletins•added 2018/06/17 5:7 a.m.•33 views

Security Bulletin: Vulnerability in Apache Commons affects Rational DOORS Web Access (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by the Apache Software Foundation. Vulnerability Details IBM Rational DOORS Web Access is affected by the following vulnerability: CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collection...

10CVSS2.3AI score0.97655EPSS

Exploits10Affected Software1

IBM Security Bulletins•added 2018/06/16 8:0 p.m.•27 views

Security Bulletin: Vulnerability in BeanShell affects IBM Emptoris Strategic Supply Management. (CVE-2016-2510).

Summary A BeanShell vulnerability for handling Java object deserialization was addressed by IBM Emptoris Strategic Supply Management Platform, IBM Contract Management and IBM Program Management products. Vulnerability Details CVEID: CVE-2016-2510 DESCRIPTION: BeanShell could allow a remote attack...

8.1CVSS8.3AI score0.70425EPSS

Exploits1Affected Software2

IBM Security Bulletins•added 2018/06/16 7:52 p.m.•23 views

Security Bulletin: Vulnerability in Apache Commons Collections affects IBM Forms Server (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Forms Server. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by the...

10CVSS2.4AI score0.97655EPSS

Exploits10Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by