Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
commons vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-42503
Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 prior to 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can...
Apache Commons Compress
356
VMScore
CVE-2017-1000094
Docker Commons Plugin provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use to authenticate with a Docker Registry. This functionality did not check permissions, allowing any user with Overall/Read permission to ge...
Jenkins Docker Commons
383
VMScore
CVE-2012-6153
http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient prior to 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle maliciou...
Apache Commons-httpclient
NA
CVE-2024-25710
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 up to and including 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue.
Apache Commons Compress
445
VMScore
CVE-2013-1908
The Commons Wikis module prior to 7.x-3.1 for Drupal, as used in the Commons module prior to 7.x-3.1, does not properly restrict access to groups, which allows remote malicious users to post arbitrary content to groups via unspecified vectors.
Commons Wikis Project Commons Wikis
Acquia Commons 7.x-3.x
Commons Wikis Project Commons Wikis 7.x-3.x
Acquia Commons
668
VMScore
CVE-2020-1953
Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Apache Commons Configuration versions 2.2, 2.3, 2.4, 2.5, 2.6 did not change the default settings of this libr...
Apache Commons Configuration 2.3
Apache Commons Configuration 2.4
Apache Commons Configuration 2.5
Apache Commons Configuration 2.6
Apache Commons Configuration 2.2
Oracle Database Server 12.1.0.2
Oracle Database Server 11.2.0.4
Oracle Database Server 12.2.0.1
Oracle Database Server 18c
Oracle Database Server 19c
Oracle Healthcare Foundation 7.2.0
Oracle Healthcare Foundation 7.2.1
Oracle Healthcare Foundation 7.3.0
Oracle Healthcare Foundation 7.1.1
445
VMScore
CVE-2018-17201
Certain input files could make the code hang when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan (incubating) was renamed to Apache Commons Imaging.
Apache Commons Imaging 0.97
NA
CVE-2022-46664
A vulnerability has been identified in Mendix Workflow Commons (All versions < V2.4.0), Mendix Workflow Commons V2.1 (All versions < V2.1.4), Mendix Workflow Commons V2.3 (All versions < V2.3.2). Affected versions of the module improperly handle access control for some m...
Siemens Mendix Workflow Commons
445
VMScore
CVE-2018-17202
Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan (incubating) was renamed to Apache Commons Imaging.
Apache Commons Imaging 0.97
383
VMScore
CVE-2022-28820
ACS Commons version 5.1.x (and previous versions) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in /apps/acs-commons/content/page-compare.html endpoint via the a and b GET parameters. User input submitted via these parameters is not validated or sanitised. An ...
Adobe Acs Aem Commons
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »