Lucene search
+L

15 matches found

OpenVAS
OpenVAS
added 2021/10/21 12:0 a.m.37 views

Fedora: Security Advisory for xstream (FEDORA-2021-d894ca87dc)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS8AI score0.98124EPSS
Exploits34References4
OpenVAS
OpenVAS
added 2021/10/21 12:0 a.m.28 views

Fedora: Security Advisory for xstream (FEDORA-2021-fbad11014a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS8AI score0.98124EPSS
Exploits34References4
RedHat Linux
RedHat Linux
added 2021/06/17 1:15 p.m.102 views

Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.11.0 security update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.9CVSS7.2AI score0.82392EPSS
Exploits17References16
RedHat Linux
RedHat Linux
added 2021/06/17 1:14 p.m.125 views

Moderate: Red Hat Security Advisory: Red Hat Process Automation Manager 7.11.0 security update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.9CVSS7.2AI score0.82392EPSS
Exploits17References16
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2021:0176-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.2AI score0.85001EPSS
Exploits11References2
RedHat Linux
RedHat Linux
added 2021/05/26 9:49 p.m.97 views

Critical: Red Hat Security Advisory: Red Hat Data Grid 8.2.0 security update

A security update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

9.9CVSS6.9AI score0.82392EPSS
Exploits18References21
OpenVAS
OpenVAS
added 2021/05/12 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-4943-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS8.5AI score0.85001EPSS
Exploits21References2
OpenVAS
OpenVAS
added 2021/04/16 12:0 a.m.30 views

openSUSE: Security Advisory for xstream (openSUSE-SU-2021:0140-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS7.8AI score0.85001EPSS
Exploits11References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/24 7:43 a.m.44 views

Security Bulletin: A security vulnerability has been identified in Xstream, which is a required product for IBM Tivoli Network Configuration Manager (CVE-2020-26258, CVE-2020-26259)

Summary A security vulnerability has been disclosed in the Xstream library , which is installed as part of IBM Tivoli Network Configuration Manager version 6.4.2. Information about this vulnerability has been published in a security bulletin. Vulnerability Details CVEID: CVE-2020-26258 DESCRIPTIO...

7.7CVSS0.9AI score0.82392EPSS
Exploits7Affected Software1
OpenVAS
OpenVAS
added 2021/01/29 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-4714-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.8AI score0.85001EPSS
Exploits11References2
Tenable Nessus
Tenable Nessus
added 2021/01/25 12:0 a.m.41 views

openSUSE Security Update : xstream (openSUSE-2021-140)

This update for xstream fixes the following issues : xstream was updated to version 1.4.15. - CVE-2020-26217: Fixed a remote code execution due to insecure XML deserialization when relying on blocklists bsc1180994. - CVE-2020-26258: Fixed a server-side request forgery vulnerability bsc1180146. -...

9.3CVSS8.2AI score0.85001EPSS
Exploits11References6
Gitee
Gitee
added 2021/01/24 10:46 a.m.5 views

Exploit for OS Command Injection in Apache Struts

CVE-2020-26259 CVE-2020-26259: XStream1.4.14 is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights. https://x-stream.github.io/CVE-2020-26259.html XStream 1.4.14 pom.xml com.thoughtworks.xstream xstream 1.4.14 poc...

9.3CVSS7.3AI score0.85001EPSS
Exploits11
Debian
Debian
added 2021/01/07 10:52 p.m.120 views

[SECURITY] [DSA 4828-1] libxstream-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4828-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 07, 2021 https://www.debian.org/security/faq -...

7.7CVSS8.5AI score0.82392EPSS
Exploits7
Debian
Debian
added 2020/12/31 3:8 p.m.68 views

[SECURITY] [DLA 2507-1] libxstream-java security update

Debian LTS Advisory DLA-2507-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 31, 2020 https://wiki.debian.org/LTS Package : libxstream-java Version : 1.4.11.1-1+deb9u1 CVE ID : CVE-2020-26258 CVE-2020-26259 Debian Bug : 977625 977624 Several security...

7.7CVSS6.9AI score0.82392EPSS
Exploits7
CVE
CVE
added 2020/12/16 1:5 a.m.345 views

CVE-2020-26259

CVE-2020-26259 affects XStream in IBM Storage Copy Data Management (2.2.0.0–2.2.25.0). Unmarshalling user-supplied data could allow arbitrary file deletion on the host if the process runs with sufficient privileges. IBM’s remediation for the affected products is to upgrade to 2.2.26.0 (Linux) and...

6.8CVSS7.5AI score0.82392EPSS
Exploits5References9Affected Software1
Rows per page
Query Builder