Lucene search
K

1632 matches found

RedHat Linux
RedHat Linux
added 2014/04/03 10:1 p.m.1 views

XStream: remote code execution due to insecure XML deserialization

It was found that XStream could deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code execution in the context of the server running the XStream...

9.8CVSS8AI score0.84362EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2014/04/03 10:1 p.m.61 views

Important: Red Hat Security Advisory: Red Hat JBoss Data Grid 6.2.1 update

Red Hat JBoss Data Grid 6.2.1, which fixes two security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base score...

9.8CVSS7.1AI score0.84362EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2014/04/03 9:30 p.m.10 views

XStream: remote code execution due to insecure XML deserialization

It was found that XStream could deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code execution in the context of the server running the XStream...

9.8CVSS8AI score0.84362EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2014/04/03 9:19 p.m.5 views

XStream: remote code execution due to insecure XML deserialization

It was found that XStream could deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code execution in the context of the server running the XStream...

9.8CVSS8AI score0.84362EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2014/04/03 9:19 p.m.39 views

Important: Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.0.1 update

Red Hat JBoss BPM Suite 6.0.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...

9.8CVSS7.8AI score0.84362EPSS
Exploits10References10
RedHat Linux
RedHat Linux
added 2014/03/24 6:5 p.m.44 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.0.0 security update

Red Hat JBoss Fuse and A-MQ 6.0.0 R1 P3 Patch 3 on Rollup Patch 1, which addresses three security issues and contains several bug fixes, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Important security impact. Common...

9.8CVSS7.8AI score0.84362EPSS
Exploits9References6
RedHat Linux
RedHat Linux
added 2014/03/24 6:5 p.m.5 views

XStream: remote code execution due to insecure XML deserialization

It was found that XStream could deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code execution in the context of the server running the XStream...

9.8CVSS8AI score0.84362EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2014/03/13 7:21 p.m.59 views

Important: Red Hat Security Advisory: XStream security update

An update for the XStream component that fixes one security issue is now available from the Red Hat Customer Portal for Red Hat JBoss Data Virtualization 6.0.0. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS...

9.8CVSS7.8AI score0.84362EPSS
Exploits5References3
RedHat Linux
RedHat Linux
added 2014/03/13 7:21 p.m.3 views

XStream: remote code execution due to insecure XML deserialization

It was found that XStream could deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code execution in the context of the server running the XStream...

9.8CVSS8AI score0.84362EPSS
Exploits5References7
OpenVAS
OpenVAS
added 2014/03/13 12:0 a.m.117 views

JFrog Artifactory < 3.1.1.1 XStream RCE Vulnerability

JFrog Artifactory is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS8.6AI score0.84362EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2014/03/12 12:0 a.m.119 views

Artifactory < 3.1.1.1 XStream Remote Code Execution

A version of Artifactory prior to 3.1.1.1 is hosted on the remote web server. As such, it uses a library that has a known remote code execution vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid72966;...

9.8CVSS7.2AI score0.84362EPSS
Exploits5References1
RedHat Linux
RedHat Linux
added 2014/02/26 8:32 p.m.48 views

Important: Red Hat Security Advisory: XStream security update

An update for the XStream component that fixes one security issue is now available from the Red Hat Customer Portal for Red Hat JBoss Fuse Service Works 6.0.0. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS ba...

9.8CVSS7.8AI score0.84362EPSS
Exploits5References3
RedHat Linux
RedHat Linux
added 2014/02/26 8:32 p.m.4 views

XStream: remote code execution due to insecure XML deserialization

It was found that XStream could deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code execution in the context of the server running the XStream...

9.8CVSS8AI score0.84362EPSS
Exploits5References7
OSV
OSV
added 2014/02/25 9:54 p.m.12 views

MGASA-2014-0100 Updated xstream packages fix CVE-2013-7285

Updated xstream packages fix security vulnerability: It was found that XStream would deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code executio...

9.8CVSS9.6AI score0.84362EPSS
Exploits5References4
Mageia
Mageia
added 2014/02/25 9:54 p.m.53 views

Updated xstream packages fix CVE-2013-7285

Updated xstream packages fix security vulnerability: It was found that XStream would deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code executio...

9.8CVSS3.8AI score0.84362EPSS
Exploits5References3
Positive Technologies
Positive Technologies
added 2014/02/25 12:0 a.m.3 views

PT-2019-7010 · Thoughtworks · Xstream Api

Name of the Vulnerable Software and Affected Versions: Xstream API versions up to 1.4.6 Xstream API version 1.4.10 Description: The issue allows a remote attacker to execute arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format, such as...

9.8CVSS8.2AI score0.84362EPSS
Exploits5References34
OpenVAS
OpenVAS
added 2014/02/25 12:0 a.m.33 views

Fedora Update for xstream FEDORA-2014-2340

Check for the Version of xstream OpenVAS Vulnerability Test Fedora Update for xstream FEDORA-2014-2340 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

5.5CVSS0.4AI score0.84362EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2014/02/25 12:0 a.m.37 views

Fedora Update for xstream FEDORA-2014-2372

Check for the Version of xstream OpenVAS Vulnerability Test Fedora Update for xstream FEDORA-2014-2372 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

5.5CVSS0.4AI score0.84362EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2014/02/25 12:0 a.m.36 views

Fedora Update for xstream FEDORA-2014-2372

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.84362EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2014/02/25 12:0 a.m.33 views

Fedora Update for xstream FEDORA-2014-2340

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.84362EPSS
Exploits5References2
Rows per page
Query Builder