Lucene search
K

26 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libxstream-java

XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. No users are affected if they follow the recommendation...

8.5CVSS7.2AI score0.16118EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libxstream-java

XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker with sufficient rights to execute commands on the host by manipulating the input stream being processed. No users are affected as long as they follow...

8.5CVSS7.8AI score0.98124EPSS
Exploits6References2
RedhatCVE
RedhatCVE
added 2026/03/31 4:59 a.m.2 views

CVE-2026-30307

Roo Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations, i...

9.8CVSS6.3AI score0.01145EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:53 a.m.5 views

SUSE CVE-2020-26259

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerability may allow a remote attacker to delete arbitrary know files on the host as log as the executin...

5.4CVSS7.1AI score0.82392EPSS
Exploits5References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.1 views

SUSE CVE-2021-39139

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. A user is only affected if using the version out of th...

8.1CVSS7.6AI score0.0454EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.2 views

SUSE CVE-2021-39147

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.1CVSS7.9AI score0.04735EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.3 views

SUSE CVE-2021-39153

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if using the version out of the box with Java runtime...

8.1CVSS8AI score0.04457EPSS
Exploits1References6
OSV
OSV
added 2021/08/25 2:48 p.m.1 views

GHSA-G5W6-MRJ7-75H2 XStream is vulnerable to an Arbitrary Code Execution attack

Impact The vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required...

8.5CVSS7.5AI score0.16118EPSS
Exploits2References13
OSV
OSV
added 2021/08/25 2:47 p.m.1 views

GHSA-3CCQ-5VW3-2P6X XStream is vulnerable to an Arbitrary Code Execution attack

Impact The vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required...

8.5CVSS7.2AI score0.04735EPSS
Exploits1References13
OSV
OSV
added 2021/08/23 7:15 p.m.2 views

UBUNTU-CVE-2021-39140

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by...

6.5CVSS7.1AI score0.05918EPSS
Exploits1References5
OSV
OSV
added 2021/08/23 6:15 p.m.1 views

DEBIAN-CVE-2021-39154

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.7AI score0.04735EPSS
Exploits1References1
OSV
OSV
added 2021/08/23 6:15 p.m.2 views

DEBIAN-CVE-2021-39148

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.8AI score0.04735EPSS
Exploits1References1
OSV
OSV
added 2021/08/23 6:15 p.m.1 views

DEBIAN-CVE-2021-39151

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.7AI score0.04735EPSS
Exploits1References1
OSV
OSV
added 2021/08/23 6:15 p.m.1 views

DEBIAN-CVE-2021-39144

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.7AI score0.98124EPSS
Exploits6References1
OSV
OSV
added 2021/08/23 6:15 p.m.1 views

UBUNTU-CVE-2021-39151

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.2AI score0.04735EPSS
Exploits1References5
OSV
OSV
added 2021/08/23 6:15 p.m.1 views

UBUNTU-CVE-2021-39148

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.2AI score0.04735EPSS
Exploits1References5
OSV
OSV
added 2021/08/23 6:15 p.m.1 views

UBUNTU-CVE-2021-39149

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...

8.5CVSS7.2AI score0.04735EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2021/08/23 12:0 a.m.4 views

PT-2021-22400 · Xstream +5 · Xstream +5

Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.18 Description: XStream is a library used to serialize objects to XML and back again. This issue may allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed inp...

9.9CVSS8AI score0.98124EPSS
Exploits29References176
Positive Technologies
Positive Technologies
added 2021/08/23 12:0 a.m.9 views

PT-2021-22402 · Xstream +5 · Xstream +5

Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.18 Description: This issue may allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. Users who set up XStream's security framework with a...

9.9CVSS8.1AI score0.98124EPSS
Exploits29References180
Positive Technologies
Positive Technologies
added 2021/08/23 12:0 a.m.2 views

PT-2021-22404 · Xstream +5 · Xstream +5

Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.18 Description: The issue allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. Users who set up XStream's security framework with a whitelist...

9.9CVSS8AI score0.98124EPSS
Exploits29References177
Rows per page
Query Builder