Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

26 matches found

AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.3 views

Astra Linux - уязвимость в libxstream-java

XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. No users are affected if they follow the recommendation...

8.5CVSS7.3AI score0.83089EPSS
Exploits2References1
AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в libxstream-java

XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker with sufficient rights to execute commands on the host by manipulating the input stream being processed. No users are affected as long as they follow...

8.5CVSS7.2AI score0.94255EPSS
Exploits6References2
RedhatCVE
RedhatCVEadded 2026/03/31 4:59 a.m.0 views

CVE-2026-30307

Roo Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations, i...

9.8CVSS6.3AI score0.00686EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2023/02/15 3:53 a.m.4 views

SUSE CVE-2020-26259

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerability may allow a remote attacker to delete arbitrary know files on the host as log as the executin...

5.4CVSS7.1AI score0.8887EPSS
Exploits5References6
SUSE CVE
SUSE CVEadded 2023/02/15 3:38 a.m.1 views

SUSE CVE-2021-39139

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. A user is only affected if using the version out of th...

8.1CVSS7.6AI score0.00739EPSS
Exploits0References6
SUSE CVE
SUSE CVEadded 2023/02/15 3:38 a.m.1 views

SUSE CVE-2021-39147

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.1CVSS7.9AI score0.00708EPSS
Exploits1References6
SUSE CVE
SUSE CVEadded 2023/02/15 3:38 a.m.1 views

SUSE CVE-2021-39153

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if using the version out of the box with Java runtime...

8.1CVSS8AI score0.00625EPSS
Exploits1References6
OSV
OSVadded 2021/08/25 2:48 p.m.0 views

GHSA-G5W6-MRJ7-75H2 XStream is vulnerable to an Arbitrary Code Execution attack

Impact The vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required...

8.5CVSS7.5AI score0.83089EPSS
Exploits2References13
OSV
OSVadded 2021/08/25 2:47 p.m.0 views

GHSA-3CCQ-5VW3-2P6X XStream is vulnerable to an Arbitrary Code Execution attack

Impact The vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required...

8.5CVSS7.2AI score0.00625EPSS
Exploits1References13
OSV
OSVadded 2021/08/23 7:15 p.m.1 views

UBUNTU-CVE-2021-39140

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by...

6.5CVSS7.1AI score0.00138EPSS
Exploits1References5
OSV
OSVadded 2021/08/23 6:15 p.m.1 views

DEBIAN-CVE-2021-39154

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.7AI score0.00708EPSS
Exploits1References1
OSV
OSVadded 2021/08/23 6:15 p.m.1 views

DEBIAN-CVE-2021-39151

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.7AI score0.00625EPSS
Exploits1References1
OSV
OSVadded 2021/08/23 6:15 p.m.2 views

DEBIAN-CVE-2021-39148

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.8AI score0.00708EPSS
Exploits1References1
OSV
OSVadded 2021/08/23 6:15 p.m.1 views

DEBIAN-CVE-2021-39144

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.7AI score0.94255EPSS
Exploits6References1
OSV
OSVadded 2021/08/23 6:15 p.m.0 views

UBUNTU-CVE-2021-39148

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.2AI score0.00708EPSS
Exploits1References5
OSV
OSVadded 2021/08/23 6:15 p.m.0 views

UBUNTU-CVE-2021-39151

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.2AI score0.00625EPSS
Exploits1References5
OSV
OSVadded 2021/08/23 6:15 p.m.0 views

UBUNTU-CVE-2021-39149

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.2AI score0.00625EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2021/08/23 12:0 a.m.2 views

PT-2021-22404 · Xstream +5 · Xstream +5

Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.18 Description: The issue allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. Users who set up XStream's security framework with a whitelist...

9.9CVSS8AI score0.94255EPSS
Exploits29References177
Positive Technologies
Positive Technologiesadded 2021/08/23 12:0 a.m.3 views

PT-2021-22399 · Xstream +5 · Xstream +5

Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.18 Description: The issue may allow a remote attacker to allocate 100% CPU time on the target system, depending on CPU type or parallel execution of a payload, resulting in a denial of service by manipulating the...

9.9CVSS7.4AI score0.94255EPSS
Exploits29References177
Positive Technologies
Positive Technologiesadded 2021/08/23 12:0 a.m.4 views

PT-2021-22400 · Xstream +5 · Xstream +5

Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.18 Description: XStream is a library used to serialize objects to XML and back again. This issue may allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed inp...

9.9CVSS8AI score0.94255EPSS
Exploits29References176
Rows per page
Query Builder