Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache commons collections vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2018-5393
The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. It utilizes a Java remote method invocation (RMI) service for remote control. The RMI interface does not require any authentication before use, so it lacks user authentic...
Tp-link Eap Controller
10
CVSSv2
CVE-2017-10932
All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections (ACC) library th...
Zte Nr8120 Firmware -
Zte Nr8120a Firmware -
Zte Nr8150 Firmware -
Zte Nr8250 Firmware -
Zte Nr8000tr Firmware -
Zte Nr8950 Firmware -
10
CVSSv2
CVE-2016-3642
The RMI service in SolarWinds Virtualization Manager 6.3.1 and previous versions allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Solarwinds Virtualization Manager
10
CVSSv2
CVE-2016-1999
The server in HP Release Control 9.13, 9.20, and 9.21 allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Hp Release Control 9.21
Hp Release Control 9.20
Hp Release Control 9.13
10
CVSSv2
CVE-2016-1997
HPE Operations Orchestration 10.x prior to 10.51 and Operations Orchestration content prior to 1.7.0 allow remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Hp Operations Orchestration Content
Hp Operations Orchestration 10.20
Hp Operations Orchestration 10.22
Hp Operations Orchestration 10.50
Hp Operations Orchestration 10.22.1
Hp Operations Orchestration 10.01
Hp Operations Orchestration 10.02
Hp Operations Orchestration 10.0
Hp Operations Orchestration 10.10
Hp Operations Orchestration 10.21
10
CVSSv2
CVE-2016-1998
HPE Service Manager (SM) 9.3x prior to 9.35 P4 and 9.4x prior to 9.41.P2 allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Hp Service Manager 9.31
Hp Service Manager 9.33
Hp Service Manager 9.41
Hp Service Manager 9.40
Hp Service Manager 9.32
Hp Service Manager 9.35
Hp Service Manager 9.30
Hp Service Manager 9.34
10
CVSSv2
CVE-2016-1985
HPE Operations Manager 8.x and 9.0 on Windows allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Hp Operations Manager 9.0
Hp Operations Manager 8.1
Hp Operations Manager 8.16
Hp Operations Manager 8.10
10
CVSSv2
CVE-2015-7450
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the ...
Ibm Tivoli Common Reporting 3.1.2
Ibm Tivoli Common Reporting 3.1.0.2
Ibm Tivoli Common Reporting 3.1.0.1
Ibm Tivoli Common Reporting 3.1
Ibm Tivoli Common Reporting 3.1.2.1
Ibm Tivoli Common Reporting 2.1
Ibm Tivoli Common Reporting 2.1.1.2
Ibm Tivoli Common Reporting 2.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2019-13116
The MuleSoft Mule Community Edition runtime engine prior to 3.8 allows remote malicious users to execute arbitrary code because of Java Deserialization, related to Apache Commons Collections
Mulesoft Mule Runtime
7.5
CVSSv2
CVE-2017-10934
All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabili...
Zte Zxiptv-epg Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »