Oracle

Utilities Testing Accelerator

27 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-4104

  • EPSS 72.2%
  • Published 14.12.2021 12:15:12
  • Last modified 21.11.2024 06:36:54

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppen...

8.5

CVE-2021-39152

Exploit
  • EPSS 67.83%
  • Published 23.08.2021 19:15:13
  • Last modified 23.05.2025 16:47:47

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed inp...

8.5

CVE-2021-39150

Exploit
  • EPSS 2.31%
  • Published 23.08.2021 19:15:12
  • Last modified 23.05.2025 16:48:02

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed inp...

6.3

CVE-2021-39140

Exploit
  • EPSS 0.12%
  • Published 23.08.2021 19:15:10
  • Last modified 23.05.2025 16:50:34

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload r...

8.5

CVE-2021-39154

Exploit
  • EPSS 0.71%
  • Published 23.08.2021 18:15:13
  • Last modified 23.05.2025 16:47:35

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user...

8.5

CVE-2021-39153

Exploit
  • EPSS 0.68%
  • Published 23.08.2021 18:15:13
  • Last modified 23.05.2025 16:50:17

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if usin...

8.5

CVE-2021-39141

Exploit
  • EPSS 81.84%
  • Published 23.08.2021 18:15:12
  • Last modified 23.05.2025 16:52:36

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user...

8.5

CVE-2021-39151

Exploit
  • EPSS 0.68%
  • Published 23.08.2021 18:15:12
  • Last modified 23.05.2025 16:49:36

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user...

8.5

CVE-2021-39149

Exploit
  • EPSS 0.68%
  • Published 23.08.2021 18:15:12
  • Last modified 23.05.2025 16:50:01

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user...

8.5

CVE-2021-39148

Exploit
  • EPSS 0.57%
  • Published 23.08.2021 18:15:12
  • Last modified 23.05.2025 16:48:30

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user...