Lucene search
+L

25 matches found

RedHat Linux
RedHat Linux
added 2023/06/27 6:53 p.m.103 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.4 security update

A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7.4AI score0.98124EPSS
Exploits6References7
Wallarm Lab
Wallarm Lab
added 2023/04/06 2:27 p.m.88 views

Changes in OWASP API Security Top-10 2023RC | API Security Newsletter

Welcome to our March API newsletter, recapping some of the events of last month. And what a month it was. Among other buzzworthy news, OWASP published the initial Release Candidate for the 2023 API Security Top-10 list – we analyzed the ins & outs and presented them over the course of a couple of...

7.5CVSS9.6AI score0.99827EPSS
Exploits57
RedHat Linux
RedHat Linux
added 2023/03/17 4:41 p.m.53 views

Important: Red Hat Security Advisory: Red Hat Data Grid 7.3.10 security update

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

8.5CVSS7.6AI score0.98124EPSS
Exploits6References4
Rapid7 Blog
Rapid7 Blog
added 2022/11/18 9:49 p.m.84 views

Metasploit Weekly Wrap-Up

Pre-authenticated Remote Code Execution in VMware NSX Manager using XStream CVE-2021-39144 There’s nothing quite like a pre-authenticated remote code execution vulnerability in a piece of enterprise software. This week, community contributor h00die-gr3y added a module that targets VMware NSX...

6CVSS1.1AI score0.98124EPSS
Exploits14
Packet Storm
Packet Storm
added 2022/11/15 12:0 a.m.805 views

VMware NSX Manager XStream Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware NSX Manager XStream unauthenticated RCE', 'Description' = %q VMware Cloud Foundation NSX-V contains a remote code execution vulnerability...

8.5CVSS0.6AI score0.98124EPSS
Exploits6
Check Point Advisories
Check Point Advisories
added 2022/11/13 12:0 a.m.11 views

XStream Command Injection (CVE-2021-39144)

A command injection vulnerability exists in XStream. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

6CVSS5.7AI score0.98124EPSS
Exploits6
hivepro
hivepro
added 2022/10/28 7:27 a.m.41 views

VMware Cloud Foundation has a significant RCE flaw

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A Remote Code Execution RCE vulnerability through the XStream open-source library tagged as CVE-2021-39144 in the VMware Cloud Foundation, which is a hybrid cloud platform for hosting enterprise...

6CVSS1.8AI score0.98124EPSS
Exploits6
The Hacker News
The Hacker News
added 2022/10/26 4:24 a.m.91 views

VMware Releases Patch for Critical RCE Flaw in Cloud Foundation Platform

VMware on Tuesday shipped security updates to address a critical security flaw in its VMware Cloud Foundation product. Tracked as CVE-2021-39144, the issue has been rated 9.8 out of 10 on the CVSS vulnerability scoring system, and relates to a remote code execution vulnerability via XStream open...

9.1CVSS1.1AI score0.98124EPSS
Exploits7
RedHat Linux
RedHat Linux
added 2022/02/14 1:6 p.m.101 views

Moderate: Red Hat Security Advisory: Red Hat Data Grid 8.3.0 security update

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

8.8CVSS7.6AI score0.98124EPSS
Exploits17References22
RedHat Linux
RedHat Linux
added 2022/01/26 4:33 p.m.52 views

Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.12.0 security update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

8.8CVSS7.6AI score0.98124EPSS
Exploits17References18
RedHat Linux
RedHat Linux
added 2022/01/26 3:52 p.m.76 views

Critical: Red Hat Security Advisory: Red Hat Process Automation Manager 7.12.0 security update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

10CVSS7.7AI score0.99999EPSS
Exploits372References19
Amazon
Amazon
added 2021/12/10 12:0 a.m.51 views

Important: xstream

Issue Overview: A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to...

8.8CVSS8.4AI score0.98124EPSS
Exploits16
RedHat Linux
RedHat Linux
added 2021/12/02 4:17 p.m.53 views

Moderate: Red Hat Security Advisory: Red Hat Integration Camel-K 1.6 release and security update

A minor version update from 1.4.2 to 1.6 is now available for Red Hat Integration Camel K that includes bug fixes and enhancements. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a...

9.9CVSS7.5AI score0.98124EPSS
Exploits27References35
Debian
Debian
added 2021/11/10 8:46 p.m.53 views

[SECURITY] [DSA 5004-1] libxstream-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5004-1 [email protected] https://www.debian.org/security/ Markus Koschany November 10, 2021 https://www.debian.org/security/faq -...

9.9CVSS8.9AI score0.98124EPSS
Exploits27
Debian
Debian
added 2021/11/10 8:29 p.m.50 views

[SECURITY] [DSA 5004-1] libxstream-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5004-1 [email protected] https://www.debian.org/security/ Markus Koschany November 10, 2021 https://www.debian.org/security/faq -...

7.8CVSS9AI score0.98124EPSS
Exploits27
Tenable Nessus
Tenable Nessus
added 2021/10/26 12:0 a.m.52 views

RHEL 7 : xstream (RHSA-2021:3956)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3956 advisory. XStream is a Java XML serialization library to serialize objects to and deserialize object from XML. Security Fixes: xstream: Arbitrary code...

8.8CVSS8.2AI score0.98124EPSS
Exploits16References30
OpenVAS
OpenVAS
added 2021/10/21 12:0 a.m.28 views

Fedora: Security Advisory for xstream (FEDORA-2021-fbad11014a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS8AI score0.98124EPSS
Exploits34References4
OpenVAS
OpenVAS
added 2021/10/21 12:0 a.m.37 views

Fedora: Security Advisory for xstream (FEDORA-2021-d894ca87dc)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.9CVSS8AI score0.98124EPSS
Exploits34References4
OpenVAS
OpenVAS
added 2021/10/21 12:0 a.m.36 views

openSUSE: Security Advisory for xstream (openSUSE-SU-2021:3476-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8AI score0.98124EPSS
Exploits16References4
OPENSUSE Linux
OPENSUSE Linux
added 2021/10/20 12:0 a.m.122 views

Security update for xstream (important)

openSUSE Security Update: Security update for xstream Announcement ID: openSUSE-SU-2021:3476-1 Rating: important References: 1189798 Cross-References: CVE-2021-39139 CVE-2021-39140 CVE-2021-39141 CVE-2021-39144 CVE-2021-39145 CVE-2021-39146 CVE-2021-39147 CVE-2021-39148 CVE-2021-39149...

8.1CVSS8.2AI score0.98124EPSS
Exploits16References1
Rows per page
Query Builder