Lucene search
K

32 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 7 : xstream-1.3.1-14.el7 (AXSA:2021-2208:03)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2208:03 advisory. XStream: remote command execution attack by manipulating the processed input stream CVE-2021-29505 Tenable has extracted the preceding description block...

8.8CVSS7.9AI score0.77735EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/07/06 12:0 a.m.30 views

Atlassian Jira 8.17.x < 8.18.0 (JRASERVER-72669)

The version of Atlassian Jira installed on the remote host is prior to 8.17.x 8.18.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-72669 advisory. - Vulnerable version of XStream used in Jira Server and Data Center - CVE-2021-29505 CVE-2021-29505 Note that Nessus h...

8.8CVSS7.6AI score0.77735EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/04 11:15 a.m.39 views

Security Bulletin: IBM Engineering Test Management is vulnerable to execute arbitrary commands on system due to XStream ( CVE-2021-29505 ).

Summary IBM Engineering Test Management is vulnerable to remote attacker to execute arbitrary commands on the system, caused by improper input validation. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary commands on the system...

8.8CVSS2.1AI score0.77735EPSS
Exploits1Affected Software2
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.22 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : xstream Vulnerability (NS-SA-2022-0007)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has xstream packages installed that are affected by a vulnerability: - XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has...

8.8CVSS7.8AI score0.77735EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2022/02/14 1:6 p.m.98 views

Moderate: Red Hat Security Advisory: Red Hat Data Grid 8.3.0 security update

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

8.8CVSS7.6AI score0.98124EPSS
Exploits17References22
RedHat Linux
RedHat Linux
added 2022/01/26 4:33 p.m.50 views

Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.12.0 security update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

8.8CVSS7.6AI score0.98124EPSS
Exploits17References18
RedHat Linux
RedHat Linux
added 2022/01/26 3:52 p.m.74 views

Critical: Red Hat Security Advisory: Red Hat Process Automation Manager 7.12.0 security update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

10CVSS7.7AI score0.99999EPSS
Exploits368References19
Debian
Debian
added 2021/11/10 8:29 p.m.39 views

[SECURITY] [DSA 5004-1] libxstream-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5004-1 [email protected] https://www.debian.org/security/ Markus Koschany November 10, 2021 https://www.debian.org/security/faq -...

7.8CVSS9AI score0.98124EPSS
Exploits27
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/29 8:15 p.m.51 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in XStream (CVE-2021-29505)

Summary A vulnerability in XStream that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2021-29505 DESCRIPTION: XStream XStream could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation...

8.8CVSS1.4AI score0.77735EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/10/26 12:0 a.m.46 views

Oracle WebCenter Sites Multiple Vulnerabilities (Oct 2021 CPU)

Oracle WebCenter Sites component of Oracle Fusion Middleware is affected by multiple vulnerabilities. - Component: WebCenter Sites Terracotta Quartz Scheduler. The supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker...

9.8CVSS6.9AI score0.77735EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2021/10/21 12:0 a.m.27 views

Fedora: Security Advisory for xstream (FEDORA-2021-fbad11014a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS8AI score0.98124EPSS
Exploits34References4
OpenVAS
OpenVAS
added 2021/10/21 12:0 a.m.36 views

Fedora: Security Advisory for xstream (FEDORA-2021-d894ca87dc)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS8AI score0.98124EPSS
Exploits34References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/05 7:55 p.m.36 views

Security Bulletin: XStream Vulnerability Affects IBM Sterling B2B Integrator (CVE-2021-29505)

Summary IBM Sterling B2B Integrator has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2021-29505 DESCRIPTION: XStream XStream could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation. By manipulating the...

8.8CVSS2.4AI score0.77735EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/08/23 5:41 a.m.66 views

Security Bulletin: XStream (Publicly disclosed vulnerability)

Summary Impact The vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a allowlist limited to the minimal...

8.8CVSS2.2AI score0.77735EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/08/06 12:0 a.m.28 views

Amazon Linux 2 : xstream (ALAS-2021-1698)

The version of xstream installed on the remote host is prior to 1.3.1-14. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1698 advisory. A flaw was found in XStream. By manipulating the processed input stream, a remote attacker may be able to obtain sufficient rights...

8.8CVSS7.5AI score0.77735EPSS
Exploits1References3
Amazon
Amazon
added 2021/08/05 12:0 a.m.46 views

Important: xstream

Issue Overview: A flaw was found in XStream. By manipulating the processed input stream, a remote attacker may be able to obtain sufficient rights to execute commands. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2021-2950...

8.8CVSS7.8AI score0.77735EPSS
Exploits1
Atlassian
Atlassian
added 2021/08/04 2:52 p.m.132 views

Vulnerable version of XStream used in Jira Server and Data Center - CVE-2021-29505

Affected versions of Atlassian Jira Server and Data Center used versions of XStream that were vulnerable to security exploits including CVE-2021-29505|http://x-stream.github.io/CVE-2021-29505.html. The affected versions of Jira Server and Data Center are before version 8.18.0. Affected versions:...

8.8CVSS5AI score0.77735EPSS
Exploits1Affected Software1
Atlassian
Atlassian
added 2021/08/04 2:52 p.m.67 views

Vulnerable version of XStream used in Jira Server and Data Center - CVE-2021-29505

Affected versions of Atlassian Jira Server and Data Center used versions of XStream that were vulnerable to security exploits including CVE-2021-29505|http://x-stream.github.io/CVE-2021-29505.html. The affected versions of Jira Server and Data Center are before version 8.18.0. Affected versions:...

8.8CVSS8.3AI score0.77735EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/07/16 12:0 a.m.39 views

openSUSE 15 Security Update : xstream (openSUSE-SU-2021:1995-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1995-1 advisory. - XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote...

8.8CVSS7.8AI score0.77735EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/07/14 12:0 a.m.23 views

CentOS: Security Advisory for xstream (CESA-2021:2683)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.7AI score0.77735EPSS
Exploits1References2
Rows per page
Query Builder