Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
commons vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-17202
Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan (incubating) was renamed to Apache Commons Imaging.
Apache Commons Imaging 0.97
4.3
CVSSv2
CVE-2021-21043
ACS Commons version 4.9.2 (and previous versions) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in version-compare and page-compare due to invalid JCR characters that are not handled correctly. An attacker could potentially exploit this vulnerability to inject...
Adobe Adobe Consulting Services Commons
1 Article
5.8
CVSSv2
CVE-2021-44549
Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks additional server identity checks must be performed when accessing mail servers. For compatibi...
Apache Sling Commons Messaging Mail 1.0.0
5
CVSSv2
CVE-2022-32549
Apache Sling Commons Log <= 5.4.0 and Apache Sling API <= 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an malicious user to cover tracks by injecting fake logs and potentially corrupt log files.
Apache Sling Commons Log
Apache Sling Api
4.3
CVSSv2
CVE-2018-11771
When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can le...
Apache Commons Compress
Oracle Weblogic Server 14.1.1.0.0
1 Github repository
2.1
CVSSv2
CVE-2012-2297
Multiple cross-site scripting (XSS) vulnerabilities in the Creative Commons module 6.x-1.x prior to 6.x-1.1 for Drupal allow remote authenticated users with the administer creative commons permission to inject arbitrary web script or HTML via the (1) creativecommons_user_message ...
Creative Commons Module Project Creativecommons 6.x-1.0
7.5
CVSSv2
CVE-2022-33980
Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.configurat...
Apache Commons Configuration
Netapp Snapcenter -
Debian Debian Linux 11.0
5 Github repositories
6.4
CVSSv2
CVE-2020-11988
Apache XmlGraphics Commons 2.4 and previous versions is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbi...
Apache Xmlgraphics Commons
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5
CVSSv2
CVE-2018-1274
Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser vulnerability caused by unlimited resource allocation. An unauthenticated remote malicious user (or attacker) can issue requests against Spring Data REST en...
Pivotal Software Spring Data Commons
Pivotal Software Spring Data Rest
4.3
CVSSv2
CVE-2018-1324
A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services t...
Apache Commons Compress
Oracle Weblogic Server 14.1.1.0.0
Oracle Mysql Cluster
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »