Lucene search

7 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | 5 views

Astra Linux - vulnerability in libxstream-java

XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available, by manipulating the processed input stream with a Java runtime version 14 to 8. ...

8.5 CVSS | 7 AI score | 0.61765 EPSS
Exploits 2 | References 1
OSV
added 2021/08/23 7:15 p.m. | 2 views

DEBIAN-CVE-2021-39140

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by...

6.3 CVSS | 7.2 AI score | 0.00138 EPSS
Exploits 1 | References 1
ATTACKERKB
added 2021/03/23 12:15 a.m. | 1 views

CVE-2021-21341

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of...

7.5 CVSS | 5.9 AI score | 0.302 EPSS
Exploits 1 | References 21 | Affected Software 1
Mageia
added 2017/12/21 5:43 p.m. | 31 views

Updated xrdp packages fix security vulnerability

The scpv0saccept function in sesman/libscp/libscpv0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted input...

8.4 CVSS | 5.4 AI score | 0.00099 EPSS
Exploits 0 | References 2
Prion
added 2017/11/23 6:29 a.m. | 8 views

Design/Logic Flaw

The scpv0saccept function in sesman/libscp/libscpv0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted input...

7.2 CVSS | 8.4 AI score | 0.00099 EPSS
Exploits 0 | References 3 | Affected Software 2
UbuntuCve
added 2017/11/23 6:29 a.m. | 19 views

CVE-2017-16927

The scpv0saccept function in sesman/libscp/libscpv0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted input...

8.4 CVSS | 6.9 AI score | 0.00099 EPSS
Exploits 0 | References 4
Debian CVE
added 2017/11/23 6:00 a.m. | 20 views

CVE-2017-16927

The scpv0saccept function in sesman/libscp/libscpv0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted input...

8.4 CVSS | 5.6 AI score | 0.00099 EPSS
Exploits 0