Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 7 : xstream-1.3.1-13.el7 (AXSA:2021-1711:02)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1711:02 advisory. XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet CVE-2021-21344 XStream: Unsafe deserizaliation of...

9.9CVSS7AI score0.76367EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.34 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : xstream Multiple Vulnerabilities (NS-SA-2022-0033)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has xstream packages installed that are affected by multiple vulnerabilities: - XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a...

9.9CVSS7.3AI score0.76367EPSS
Exploits5References11
Debian
Debian
added 2021/11/10 8:29 p.m.46 views

[SECURITY] [DSA 5004-1] libxstream-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5004-1 [email protected] https://www.debian.org/security/ Markus Koschany November 10, 2021 https://www.debian.org/security/faq -...

7.8CVSS9AI score0.98124EPSS
Exploits27
OpenVAS
OpenVAS
added 2021/10/21 12:0 a.m.28 views

Fedora: Security Advisory for xstream (FEDORA-2021-fbad11014a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS8AI score0.98124EPSS
Exploits34References4
OpenVAS
OpenVAS
added 2021/10/21 12:0 a.m.37 views

Fedora: Security Advisory for xstream (FEDORA-2021-d894ca87dc)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS8AI score0.98124EPSS
Exploits34References4
OpenVAS
OpenVAS
added 2021/07/13 12:0 a.m.28 views

openSUSE: Security Advisory for xstream (openSUSE-SU-2021:1840-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS9.1AI score0.82136EPSS
Exploits10References2
RedHat Linux
RedHat Linux
added 2021/06/17 1:15 p.m.102 views

Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.11.0 security update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.9CVSS7.2AI score0.82392EPSS
Exploits17References16
RedHat Linux
RedHat Linux
added 2021/06/17 1:14 p.m.125 views

Moderate: Red Hat Security Advisory: Red Hat Process Automation Manager 7.11.0 security update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.9CVSS7.2AI score0.82392EPSS
Exploits17References16
OpenVAS
OpenVAS
added 2021/06/04 12:0 a.m.34 views

openSUSE: Security Advisory for xstream (openSUSE-SU-2021:0832-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS9.1AI score0.82136EPSS
Exploits10References2
RedHat Linux
RedHat Linux
added 2021/05/26 9:49 p.m.96 views

Critical: Red Hat Security Advisory: Red Hat Data Grid 8.2.0 security update

A security update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

9.9CVSS6.9AI score0.82392EPSS
Exploits18References21
OpenVAS
OpenVAS
added 2021/05/12 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-4943-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS8.5AI score0.85001EPSS
Exploits21References2
OpenVAS
OpenVAS
added 2021/05/01 12:0 a.m.35 views

CentOS: Security Advisory for xstream (CESA-2021:1354)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS9.6AI score0.76367EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2021/04/30 12:0 a.m.47 views

CentOS 7 : xstream (RHSA-2021:1354)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1354 advisory. - XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a...

9.9CVSS7.3AI score0.76367EPSS
Exploits5References6
Oracle linux
Oracle linux
added 2021/04/27 12:0 a.m.90 views

xstream security update

1.3.1-13 - Fix remote code execution vulnerability - Resolves: CVE-2021-21344 - Resolves: CVE-2021-21345 - Resolves: CVE-2021-21346 - Resolves: CVE-2021-21347 - Resolves: CVE-2021-21350...

9.9CVSS2.3AI score0.76367EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2021/04/27 12:0 a.m.45 views

Oracle Linux 7 : xstream (ELSA-2021-1354)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1354 advisory. - Resolves: CVE-2021-21344 - Resolves: CVE-2021-21345 - Resolves: CVE-2021-21346 - Resolves: CVE-2021-21347 Tenable has extracted the preceding...

9.9CVSS6.7AI score0.76367EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2021/04/26 12:0 a.m.39 views

RHEL 7 : xstream (RHSA-2021:1354)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1354 advisory. XStream is a Java XML serialization library to serialize objects to and deserialize object from XML. Security Fixes: XStream: Unsafe...

9.9CVSS6.7AI score0.76367EPSS
Exploits5References12
Circl
Circl
added 2021/03/23 6:38 a.m.2 views

CVE-2021-21347

creationtimestamp| type| source ---|---|--- 2021-03-23 06:38:08+00:00| seen| https://t.me/cibsecurity/25279 2021-04-15 11:02:09+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3127...

9.8CVSS7AI score0.14301EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/03/22 11:40 p.m.27 views

CVE-2021-21347 XStream is vulnerable to an Arbitrary Code Execution attack

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

6.1CVSS9.9AI score0.14301EPSS
Exploits1References15
CVE
CVE
added 2021/03/22 11:40 p.m.409 views

CVE-2021-21347

CVE-2021-21347 affects XStream Java library (pre-1.4.16). The vulnerability allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream, with high severity when not using a proper security framework. Guidance across sources indicates u...

9.8CVSS8.3AI score0.14301EPSS
Exploits1References15Affected Software1
Github Security Blog
Github Security Blog
added 2021/03/22 11:29 p.m.47 views

XStream is vulnerable to an Arbitrary Code Execution attack

Impact The vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required...

9.8CVSS2AI score0.14301EPSS
Exploits1References17Affected Software1
Rows per page
Query Builder