Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xml security library vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-21724
pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin ...
Postgresql Postgresql Jdbc Driver
Postgresql Postgresql Jdbc Driver 42.3.2
Fedoraproject Fedora 35
Quarkus Quarkus
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8 Github repositories
9.8
CVSSv3
CVE-2022-23852
Expat (aka libexpat) prior to 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
Libexpat Project Libexpat
Netapp Oncommand Workflow Automation -
Netapp Clustered Data Ontap -
Tenable Nessus
Debian Debian Linux 9.0
Oracle Communications Metasolv Solution 6.3.1
Siemens Sinema Remote Connect Server
9.8
CVSSv3
CVE-2022-22822
addBinding in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Siemens Sinema Remote Connect Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Article
9.8
CVSSv3
CVE-2022-22824
defineAttribute in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Siemens Sinema Remote Connect Server
1 Article
9.8
CVSSv3
CVE-2022-22823
build_model in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Siemens Sinema Remote Connect Server
1 Article
9.8
CVSSv3
CVE-2021-38297
Go prior to 1.16.9 and 1.17.x prior to 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.
Golang Go
Fedoraproject Fedora 34
Fedoraproject Fedora 35
2 Github repositories
9.8
CVSSv3
CVE-2021-21346
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote malicious user to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user ...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Platform 2.4.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Bi Publisher 12.2.1.4.0
Oracle Bi Publisher 12.2.1.3.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Policy Management 12.5.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Bi Publisher 5.5.0.0.0
1 Github repository
9.8
CVSSv3
CVE-2021-21347
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote malicious user to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user ...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Platform 2.4.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Policy Management 12.5.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
9.8
CVSSv3
CVE-2021-21344
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote malicious user to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user ...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Platform 2.4.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Policy Management 12.5.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0.0.3.0
Oracle Business Activity Monitoring 12.2.1.3.0
Oracle Business Activity Monitoring 11.1.1.9.0
9.8
CVSSv3
CVE-2021-21350
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote malicious user to execute arbitrary code only by manipulating the processed input stream. No user is affected, who followed th...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Platform 2.4.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Policy Management 12.5.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »