Apache Commons Collections vulnerabilities and exploits
8.8
CVSSv3
CVE-2016-1487
Lexmark Markvision Enterprise prior to 2.3.0 misuses the Apache Commons Collections Library, leading to remote code execution because of Java deserialization.
Lexmark Markvision Enterprise
9.8
CVSSv3
CVE-2019-13116
The MuleSoft Mule Community Edition runtime engine prior to 3.8 allows remote malicious users to execute arbitrary code because of Java deserialization, related to Apache Commons Collections.
Mulesoft Mule Runtime
9.8
CVSSv3
CVE-2018-5393
The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. It utilizes a Java remote method invocation (RMI) service for remote control. The RMI interface does not require any authentication before use, so it lacks user authentic...
Tp-link Eap Controller
9.8
CVSSv3
CVE-2017-10934
All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabili...
Zte Zxiptv-epg Firmware
7.1
CVSSv3
CVE-2018-2876
Vulnerability in the Oracle Retail Integration Bus component of Oracle Retail Applications (subcomponent: RIB Kernal(Apache Commons Collections)). The supported version that is affected is 13.2. Easily exploitable vulnerability allows unauthenticated attacker with network access ...
Oracle Retail Integration Bus 13.2
9.8
CVSSv3
CVE-2017-15708
In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted...
Apache Synapse 3.0.0
Apache Synapse 2.1.0
Apache Synapse 2.0.0
Apache Synapse 1.2
Apache Synapse 1.1.2
Apache Synapse 1.1.1
Apache Synapse 1.0
Apache Synapse 1.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Financial Services Market Risk Measurement And Management 8.0.8
2 Github repositories
9.8
CVSSv3
CVE-2017-10932
All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections (ACC) library th...
Zte Nr8120 Firmware -
Zte Nr8120a Firmware -
Zte Nr8150 Firmware -
Zte Nr8250 Firmware -
Zte Nr8000tr Firmware -
Zte Nr8950 Firmware -
9.8
CVSSv3
CVE-2017-5586
OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the BeanShell (bsh) and Apache Commons Collections (ACC) libraries.
Opentext Documentum D2 4.2
Opentext Documentum D2 4.4
Opentext Documentum D2 4.1
Opentext Documentum D2 4.0
Opentext Documentum D2 4.6
Opentext Documentum D2 4.3
Opentext Documentum D2 4.5
1 EDB exploit
1 Github repository
7.3
CVSSv3
CVE-2016-4385
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x prior to 10.00.02.01, and 10.1x prior to 10.11.00.01 allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons B...
Hp Network Automation 9.22
Hp Network Automation 9.22.02
Hp Network Automation 10.00.02
Hp Network Automation 9.22.01
Hp Network Automation 10.11
Hp Network Automation 9.10
Hp Network Automation 10.00.01
Hp Network Automation 10.10
Hp Network Automation 10.00
Hp Network Automation 9.20
9.8
CVSSv3
CVE-2016-4373
The AdminUI in HPE Operations Manager (OM) prior to 9.21.130 on Linux, Unix, and Solaris allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Hp Operations Manager
Hp Operations Manager 9.20.0