Lucene search
K

22 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/02/26 3:23 a.m.11 views

Security Bulletin: Multiple Vulnerabilities in IBM Tivoli Netcool/OMNIbus_GUI (CVE-2019-17570, CVE-2025-64775)

Summary Multiple vulnerabilities were addressed in IBM Tivoli Netcool/OMNIbusGUI 8.1.0 Fix Pack 40. Vulnerability Details CVEID:CVE-2025-64775 DESCRIPTION: Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache...

9.8CVSS6.2AI score0.49285EPSS
Exploits2Affected Software1
Rosalinux
Rosalinux
added 2025/12/02 1:21 p.m.7 views

Advisory ROSA-SA-2025-3109

Software: xmlrpc 3.1.3 OS: ROSA Virtualization 2.1 packageevrstring: xmlrpc-3.1.3-1.0.1.1.rv3 CVE-ID: CVE-2019-17570 BDU-ID: 2020-01960 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of the Apache XML-RPC library is related to ...

9.8CVSS7.1AI score0.49285EPSS
Exploits2
Rosalinux
Rosalinux
added 2025/03/17 9:44 p.m.11 views

Advisory ROSA-SA-2025-2778

Software: xmlrpc 3.1.3 OS: ROSA Virtualization 2.1 packageevrstring: xmlrpc-3.1.3-1.0.1.1.rv3 CVE-ID: CVE-2019-17570 BDU-ID: 2020-01960 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of the Apache XML-RPC library is related to ...

9.8CVSS6.8AI score0.49285EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2019-17570

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC aka ws-xmlrpc library. A maliciou...

9.8CVSS8.4AI score0.49285EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/01/22 12:0 a.m.52 views

GLSA-202401-26 : Apache XML-RPC: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-26 Apache XML-RPC: Multiple Vulnerabilities - XML external entity XXE vulnerability in the Apache XML-RPC aka ws-xmlrpc library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forger...

9.8CVSS8.7AI score0.49285EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2023/06/08 12:0 a.m.53 views

Amazon Linux 2 : xmlrpc (ALAS-2023-2080)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2080 advisory. An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC aka ws-xmlrpc library. A malicious XML-RPC server could target a XML-RPC clie...

9.8CVSS8.5AI score0.49285EPSS
Exploits2References4
Amazon
Amazon
added 2023/06/07 12:0 a.m.37 views

Important: xmlrpc

Issue Overview: An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC aka ws-xmlrpc library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintain...

9.8CVSS9.2AI score0.49285EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.35 views

RHEL 6 / 7 : rh-java-common-xmlrpc (RHSA-2020:0310)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0310 advisory. Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Security Fixe...

9.8CVSS8.1AI score0.49285EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2020-0077)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.49285EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2020/09/16 12:0 a.m.17 views

Ubuntu: Security Advisory (USN-4496-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.49285EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2020/09/15 12:0 a.m.61 views

Ubuntu 16.04 LTS / 18.04 LTS : Apache XML-RPC vulnerability (USN-4496-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4496-1 advisory. It was discovered that Apache XML-RPC aka ws-xmlrpc does not properly deserialize untrusted data. An attacker could possibly use this issue to execute...

9.8CVSS8.6AI score0.49285EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/04/07 12:0 a.m.31 views

Fedora: Security Advisory for xmlrpc (FEDORA-2020-1d0635bd71)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.49285EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/04/07 12:0 a.m.20 views

Fedora: Security Advisory for eclipse-pydev (FEDORA-2020-1d0635bd71)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.49285EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/02/07 12:0 a.m.83 views

Debian: Security Advisory (DSA-4619-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.49285EPSS
Exploits2References4
Debian
Debian
added 2020/02/06 9:30 p.m.93 views

[SECURITY] [DSA 4619-1] libxmlrpc3-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4619-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 06, 2020 https://www.debian.org/security/faq -...

9.8CVSS9.8AI score0.49285EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2020/01/30 7:29 p.m.74 views

Important: Red Hat Security Advisory: rh-java-common-xmlrpc security update

An update for rh-java-common-xmlrpc is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.3AI score0.49285EPSS
Exploits2References2
Debian
Debian
added 2020/01/30 4:31 p.m.51 views

[SECURITY] [DLA 2078-1] libxmlrpc3-java security update

Package : libxmlrpc3-java Version : 3.1.3-7+deb8u1 CVE ID : CVE-2019-17570 Debian Bug : 949089 An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC aka ws-xmlrpc library. A malicious XML-RPC server could target a XML-RPC...

9.8CVSS9.7AI score0.49285EPSS
Exploits2
NVD
NVD
added 2020/01/23 10:15 p.m.25 views

CVE-2019-17570

An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC aka ws-xmlrpc library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issu...

9.8CVSS9.7AI score0.49285EPSS
Exploits2References11
UbuntuCve
UbuntuCve
added 2020/01/23 10:15 p.m.38 views

CVE-2019-17570

An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC aka ws-xmlrpc library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issu...

9.8CVSS7.3AI score0.49285EPSS
Exploits2References3
Cvelist
Cvelist
added 2020/01/23 12:0 a.m.33 views

CVE-2019-17570

An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC aka ws-xmlrpc library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issu...

9.6AI score0.49285EPSS
Exploits2References11
Rows per page
Query Builder