Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache commons collections vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2016-1985
HPE Operations Manager 8.x and 9.0 on Windows allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Hp Operations Manager 8.1
Hp Operations Manager 8.10
Hp Operations Manager 8.16
Hp Operations Manager 9.0
9.8
CVSSv3
CVE-2019-13116
The MuleSoft Mule Community Edition runtime engine prior to 3.8 allows remote malicious users to execute arbitrary code because of Java Deserialization, related to Apache Commons Collections
Mulesoft Mule Runtime
9.8
CVSSv3
CVE-2018-5393
The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. It utilizes a Java remote method invocation (RMI) service for remote control. The RMI interface does not require any authentication before use, so it lacks user authentic...
Tp-link Eap Controller
9.8
CVSSv3
CVE-2017-10934
All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabili...
Zte Zxiptv-epg Firmware
9.8
CVSSv3
CVE-2017-15708
In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted...
Apache Synapse 3.0.0
Apache Synapse 2.1.0
Apache Synapse 2.0.0
Apache Synapse 1.2
Apache Synapse 1.1.2
Apache Synapse 1.1.1
Apache Synapse 1.0
Apache Synapse 1.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Financial Services Market Risk Measurement And Management 8.0.8
2 Github repositories
9.8
CVSSv3
CVE-2017-10932
All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections (ACC) library th...
Zte Nr8120 Firmware -
Zte Nr8120a Firmware -
Zte Nr8150 Firmware -
Zte Nr8250 Firmware -
Zte Nr8000tr Firmware -
Zte Nr8950 Firmware -
9.8
CVSSv3
CVE-2017-5586
OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the BeanShell (bsh) and Apache Commons Collections (ACC) libraries.
Opentext Documentum D2 4.2
Opentext Documentum D2 4.4
Opentext Documentum D2 4.1
Opentext Documentum D2 4.0
Opentext Documentum D2 4.6
Opentext Documentum D2 4.3
Opentext Documentum D2 4.5
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2016-4373
The AdminUI in HPE Operations Manager (OM) prior to 9.21.130 on Linux, Unix, and Solaris allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Hp Operations Manager
Hp Operations Manager 9.20.0
9.8
CVSSv3
CVE-2016-4372
HPE iMC PLAT prior to 7.2 E0403P04, iMC EAD prior to 7.2 E0405P05, iMC APM prior to 7.2 E0401P04, iMC NTA prior to 7.2 E0401P01, iMC BIMS prior to 7.2 E0402P02, and iMC UAM_TAM prior to 7.2 E0405P05 allow remote malicious users to execute arbitrary commands via a crafted serializ...
Hp Intelligent Management Center Endpoint Admission Defense
Hp Intelligent Management Center Network Traffic Analyzer
Hp Intelligent Management Center Application Performance Manager
Hp Intelligent Management Center Platform
Hp Intelligent Management Center User Access Management
Hp Intelligent Management Center Branch Intelligent Management System
1 EDB exploit
9.8
CVSSv3
CVE-2016-3642
The RMI service in SolarWinds Virtualization Manager 6.3.1 and previous versions allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Solarwinds Virtualization Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »