Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 7 : xstream-1.3.1-13.el7 (AXSA:2021-1711:02)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1711:02 advisory. XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet CVE-2021-21344 XStream: Unsafe deserizaliation of...

9.9CVSS7AI score0.76367EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.34 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : xstream Multiple Vulnerabilities (NS-SA-2022-0033)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has xstream packages installed that are affected by multiple vulnerabilities: - XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a...

9.9CVSS7.3AI score0.76367EPSS
Exploits5References11
Debian
Debian
added 2021/11/10 8:29 p.m.39 views

[SECURITY] [DSA 5004-1] libxstream-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5004-1 [email protected] https://www.debian.org/security/ Markus Koschany November 10, 2021 https://www.debian.org/security/faq -...

7.8CVSS9AI score0.98124EPSS
Exploits27
OpenVAS
OpenVAS
added 2021/10/21 12:0 a.m.28 views

Fedora: Security Advisory for xstream (FEDORA-2021-fbad11014a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS8AI score0.98124EPSS
Exploits34References4
OpenVAS
OpenVAS
added 2021/10/21 12:0 a.m.36 views

Fedora: Security Advisory for xstream (FEDORA-2021-d894ca87dc)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS8AI score0.98124EPSS
Exploits34References4
OpenVAS
OpenVAS
added 2021/07/13 12:0 a.m.27 views

openSUSE: Security Advisory for xstream (openSUSE-SU-2021:1840-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS9.1AI score0.82136EPSS
Exploits10References2
RedHat Linux
RedHat Linux
added 2021/06/17 1:15 p.m.102 views

Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.11.0 security update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.9CVSS7.2AI score0.82392EPSS
Exploits17References16
RedHat Linux
RedHat Linux
added 2021/06/17 1:14 p.m.125 views

Moderate: Red Hat Security Advisory: Red Hat Process Automation Manager 7.11.0 security update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.9CVSS7.2AI score0.82392EPSS
Exploits17References16
OpenVAS
OpenVAS
added 2021/06/04 12:0 a.m.34 views

openSUSE: Security Advisory for xstream (openSUSE-SU-2021:0832-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS9.1AI score0.82136EPSS
Exploits10References2
RedHat Linux
RedHat Linux
added 2021/05/26 9:49 p.m.96 views

Critical: Red Hat Security Advisory: Red Hat Data Grid 8.2.0 security update

A security update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

9.9CVSS6.9AI score0.82392EPSS
Exploits18References21
OpenVAS
OpenVAS
added 2021/05/12 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-4943-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS8.5AI score0.85001EPSS
Exploits21References2
OpenVAS
OpenVAS
added 2021/05/01 12:0 a.m.33 views

CentOS: Security Advisory for xstream (CESA-2021:1354)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS9.6AI score0.76367EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2021/04/30 12:0 a.m.47 views

CentOS 7 : xstream (RHSA-2021:1354)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1354 advisory. - XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a...

9.9CVSS7.3AI score0.76367EPSS
Exploits5References6
Oracle linux
Oracle linux
added 2021/04/27 12:0 a.m.85 views

xstream security update

1.3.1-13 - Fix remote code execution vulnerability - Resolves: CVE-2021-21344 - Resolves: CVE-2021-21345 - Resolves: CVE-2021-21346 - Resolves: CVE-2021-21347 - Resolves: CVE-2021-21350...

9.9CVSS2.3AI score0.76367EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2021/04/27 12:0 a.m.45 views

Oracle Linux 7 : xstream (ELSA-2021-1354)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1354 advisory. - Resolves: CVE-2021-21344 - Resolves: CVE-2021-21345 - Resolves: CVE-2021-21346 - Resolves: CVE-2021-21347 Tenable has extracted the preceding...

9.9CVSS6.7AI score0.76367EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2021/04/26 12:0 a.m.38 views

RHEL 7 : xstream (RHSA-2021:1354)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1354 advisory. XStream is a Java XML serialization library to serialize objects to and deserialize object from XML. Security Fixes: XStream: Unsafe...

9.9CVSS6.7AI score0.76367EPSS
Exploits5References12
Circl
Circl
added 2021/03/23 6:38 a.m.4 views

CVE-2021-21344

creationtimestamp| type| source ---|---|--- 2021-03-23 06:38:13+00:00| seen| https://t.me/cibsecurity/25282...

9.8CVSS6.3AI score0.7598EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/03/22 11:40 p.m.26 views

CVE-2021-21344 XStream is vulnerable to an Arbitrary Code Execution attack

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

5.3CVSS9.9AI score0.7598EPSS
Exploits1References15
CVE
CVE
added 2021/03/22 11:40 p.m.454 views

CVE-2021-21344

Summary: CVE-2021-21344 affects the XStream Java XML serialization library. In versions before 1.4.16, a remote attacker can load and execute arbitrary code by manipulating the processed input stream. The risk is mitigated if the security framework whitelist is properly configured; otherwise the ...

9.8CVSS8AI score0.7598EPSS
Exploits1References15Affected Software1
vulnersOsv
vulnersOsv
added 2021/03/22 11:28 p.m.7 views

ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), ai.hyacinth.framework:core-service-discovery-server (>=0.5.0 <=0.5.24) +5662 more potentially affected by CVE-2021-21344 via com.thoughtworks.xstream:xstream (>=1.1.1 <=1.4.15)

com.thoughtworks.xstream:xstream MAVEN version =1.1.1, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =Finchley.SR4, =1.0.0.RELEASE, =1.1.0.RELEASE, =1.0.0.RELEASE, =1.1.1.RELEASE, =0.3.3, =0.4.0, =0.4.2 and more Source cves: CVE-2021-21344 Source advisory: OSV:GHSA-59JW-JQF4-3WQ3...

9.8CVSS6.5AI score0.7598EPSS
Exploits1
Rows per page
Query Builder