17 matches found

OSV
added 2026/06/17 12:23 p.m., 8 views

ROOT-APP-MAVEN-CVE-2024-47072 CVE-2024-47072 in io.root.com.thoughtworks.xstream:xstream - Patched by Root

Root has patched CVE-2024-47072 in the io.root.com.thoughtworks.xstream:xstream package for Root:Maven. Multiple fixed versions available...

CVSS 7.5 | AI score 5.8 | EPSS 0.02015 | Exploits: 0

IBM Security Bulletins
added 2026/01/29 3:33 p.m., 8 views

Security Bulletin: IBM® Db2® is affected by the vulnerability in xstream-1.4.20.jar ( CVE-2024-47072)

Summary IBM® Db2® is affected by the vulnerability in xstream-1.4.20.jar. Vulnerability Details CVEID:CVE-2024-47072 DESCRIPTION: XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remote attacker to terminate the application with a stack overfl...

CVSS 7.5 | AI score 5.9 | EPSS 0.02015 | Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/12/10 7:36 p.m., 14 views

Security Bulletin: IBM OmniFind Text Search Server for DB2 for i is affected by multiple vulnerabilities.  [CVE-2017-15691, CVE-2024-47072, CVE-2024-45492, CVE-2024-25269, CVE-2024-36052]

Summary IBM OmniFind Text Search Server for DB2 for i is vulnerable to overflow attacks CVE-2024-47072, CVE-2024-45492, Improper Restriction of XML External Entity Reference attack CVE-2017-15691, Uncontrolled Resource Consumption attack CVE-2024-25269, and Improper Neutralization attack...

CVSS 9.8 | AI score 6.9 | EPSS 0.09021 | Exploits: 2 | Affected Software: 2

Tenable Nessus
added 2025/04/17 12:0 a.m., 11 views

Oracle WebCenter Portal (April 2025 CPU)

The 12.2.1.4.0 versions of WebCenter Portal installed on the remote host are affected by a vulnerability as referenced in the April 2025 CPU advisory. - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Discussion Forums XStream. The supported version tha...

CVSS 7.5 | AI score 6.1 | EPSS 0.02015 | Exploits: 0 | References: 3

F5 Networks
added 2025/02/07 11:26 a.m., 21 views

K000149708: Java Xtream vulnerabilities CVE-2021-43859 and CVE-2024-47072

Security Advisory Description CVE-2021-43859 XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulti...

CVSS 7.5 | AI score 6.7 | EPSS 0.07934 | Exploits: 1

IBM Security Bulletins
added 2025/01/28 9:51 p.m., 11 views

Security Bulletin: IBM Rational Developer for i is vulnerable to a buffer overflow attack (CVE-2024-47072)

Summary IBM Rational Developer for i contains functionality that is affected by the following issue. CVE-2024-47072 is a denial of service attack in the Debugger XML profile serialization function. This bulletin identifies the steps to take to address this vulnerability as described in the...

CVSS 7.5 | AI score 7.4 | EPSS 0.02015 | Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/01/10 8:20 a.m., 16 views

Security Bulletin: Vulnerability in XStream library affects App Connect Professional

Summary There is a vulnerability in the XStream library used by App Connect Professional. App Connect Professional has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-47072 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow in...

CVSS 7.5 | AI score 7.1 | EPSS 0.02015 | Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/01/09 10:9 a.m., 18 views

Security Bulletin: Vulnerability in XStream affect BM Spectrum Control

Summary XStream is vulnerable to denial of service. This vulnerability affects IBM Spectrum Control. Vulnerability Details CVEID:CVE-2024-47072 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow in BinaryStreamDriver. By sending a specially crafted...

CVSS 7.5 | AI score 7 | EPSS 0.02015 | Exploits: 0 | Affected Software: 1

Tenable Nessus
added 2024/12/23 12:0 a.m., 18 views

Amazon Linux 2 : xstream (ALAS-2024-2707)

The version of xstream installed on the remote host is prior to 1.3.1-16. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2707 advisory. XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream. XStream provides...

CVSS 7.5 | AI score 6.5 | EPSS 0.02015 | Exploits: 0 | References: 4

Debian
added 2024/12/21 10:7 p.m., 11 views

[SECURITY] [DLA 4001-1] libxstream-java security update

Debian LTS Advisory DLA-4001-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès December 21, 2024 https://wiki.debian.org/LTS ...

CVSS 7.5 | AI score 8 | EPSS 0.07934 | Exploits: 1

IBM Security Bulletins
added 2024/12/19 3:29 p.m., 19 views

Security Bulletin: IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. This update addresses these CVEs. Vulnerability Details CVEID:CVE-2020-15250 DESCRIPTION: JUnit4 could allow a local attacker to obtain sensitive information,...

CVSS 9.2 | AI score 8.8 | EPSS 0.03278 | Exploits: 1 | Affected Software: 1

Tenable Nessus
added 2024/12/12 12:0 a.m., 11 views

SUSE SLED15: bea-stax / bea-stax-api / xstream / xstream-benchmark / etc (SUSE-SU-2024:4037-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4037-1 advisory. - CVE-2024-47072: Fixed possible remote denial-of-service via a stack overflow bsc1233085. Tenable has...

CVSS 7.5 | AI score 6.8 | EPSS 0.02015 | Exploits: 0 | References: 4

RedHat Linux
added 2024/11/25 4:56 p.m., 23 views

Important: Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update

An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

CVSS 7.5 | AI score 6.7 | EPSS 0.02015 | Exploits: 1 | References: 4

OpenVAS
added 2024/11/21 12:0 a.m., 14 views

openSUSE Security Advisory (SUSE-SU-2024:4037-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7 | EPSS 0.02015 | Exploits: 0 | References: 4

Chainguard
added 2024/11/08 12:15 a.m., 6 views

CVE-2024-47072 vulnerabilities

Vulnerabilities for packages: jenkins...

CVSS 7.5 | AI score 7.7 | EPSS 0.02015 | Exploits: 0

Circl
added 2024/11/07 11:46 p.m., 12 views

CVE-2024-47072

creationtimestamp | type | source
---|---|---
2024-11-07 23:46:03+00:00 | seen | https://infosec.exchange/users/cve/statuses/113444334036917014
2024-11-08 02:08:17+00:00 | seen | https://t.me/cvedetector/10150
2025-01-22 02:46:01+00:00 | seen | ...

CVSS 7.5 | AI score 6.6 | EPSS 0.02015 | Exploits: 0 | References: 4

Vulnrichment
added 2024/11/07 11:38 p.m., 33 views

CVE-2024-47072 XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream

XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remote attacker to terminate the application with a stack overflow error resulting in a denial of service only by manipulating the processed input stream when XStream is configured to use the...

CVSS 7.5 | AI score 7.7 | EPSS 0.02015 | Exploits: 0 | References: 3