Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

731 matches found

OSV
OSVadded 2021/03/23 12:15 a.m.1 views

DEBIAN-CVE-2021-21351

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the...

9.1CVSS7.1AI score0.82552EPSS
Exploits1References1
OSV
OSVadded 2021/03/23 12:15 a.m.20 views

CVE-2021-21349

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. No user is...

8.6CVSS8.5AI score0.47754EPSS
Exploits1References15
OSV
OSVadded 2021/03/23 12:15 a.m.1 views

DEBIAN-CVE-2021-21348

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recommendation to setup...

7.5CVSS6.5AI score0.14201EPSS
Exploits0References1
OSV
OSVadded 2021/03/23 12:15 a.m.26 views

CVE-2021-21351

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the...

9.1CVSS9.4AI score0.82552EPSS
Exploits1References15
OSV
OSVadded 2021/03/23 12:15 a.m.27 views

CVE-2021-21347

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

9.8CVSS9.7AI score0.14683EPSS
Exploits1References15
OSV
OSVadded 2021/03/23 12:15 a.m.1 views

DEBIAN-CVE-2021-21347

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

9.8CVSS7.8AI score0.14683EPSS
Exploits1References1
OSV
OSVadded 2021/03/23 12:15 a.m.17 views

CVE-2021-21350

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code only by manipulating the processed input stream. No user is affected, who followed the recommendation to set...

9.8CVSS9.7AI score0.15638EPSS
Exploits1References15
NVD
NVDadded 2021/03/23 12:15 a.m.16 views

CVE-2021-21344

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

9.8CVSS0.76512EPSS
Exploits1References15
NVD
NVDadded 2021/03/23 12:15 a.m.25 views

CVE-2021-21345

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who...

9.9CVSS0.7295EPSS
Exploits1References16
NVD
NVDadded 2021/03/23 12:15 a.m.16 views

CVE-2021-21346

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

9.8CVSS0.7689EPSS
Exploits1References15
OSV
OSVadded 2021/03/23 12:15 a.m.20 views

CVE-2021-21344

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

9.8CVSS9.7AI score0.76512EPSS
Exploits1References15
OSV
OSVadded 2021/03/23 12:15 a.m.1 views

DEBIAN-CVE-2021-21346

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

9.8CVSS7.8AI score0.7689EPSS
Exploits1References1
OSV
OSVadded 2021/03/23 12:15 a.m.24 views

CVE-2021-21343

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on...

7.5CVSS7.4AI score0.47594EPSS
Exploits1References15
OSV
OSVadded 2021/03/23 12:15 a.m.22 views

CVE-2021-21341

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of...

7.5CVSS7.5AI score0.77883EPSS
Exploits1References15
OSV
OSVadded 2021/03/23 12:15 a.m.30 views

CVE-2021-21346

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

9.8CVSS9.7AI score0.7689EPSS
Exploits1References15
OSV
OSVadded 2021/03/23 12:15 a.m.29 views

CVE-2021-21345

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who...

9.9CVSS9.6AI score0.7295EPSS
Exploits1References16
ATTACKERKB
ATTACKERKBadded 2021/03/23 12:15 a.m.1 views

CVE-2021-21349

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. No user is...

8.6CVSS5.7AI score0.47754EPSS
Exploits1References21Affected Software1
ATTACKERKB
ATTACKERKBadded 2021/03/23 12:15 a.m.1 views

CVE-2021-21344

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

9.8CVSS6.2AI score0.76512EPSS
Exploits1References21Affected Software1
ATTACKERKB
ATTACKERKBadded 2021/03/23 12:15 a.m.0 views

CVE-2021-21342

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on...

9.1CVSS5.7AI score0.50145EPSS
Exploits1References21Affected Software1
ATTACKERKB
ATTACKERKBadded 2021/03/23 12:15 a.m.1 views

CVE-2021-21347

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

9.8CVSS6.2AI score0.14683EPSS
Exploits1References21Affected Software1
Rows per page
Query Builder