Skip to main content
CVE-2021-21345 CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Code Injection Java Oncommand Insight Activemq +14
NVD GitHub
CVSS 3.1
9.9
EPSS
72.3%
CVE-2021-21350 CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE File Upload Java Oncommand Insight Activemq +14
NVD GitHub
CVSS 3.1
9.8
EPSS
15.2%
CVE-2021-21347 CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE File Upload Java Oncommand Insight Activemq +14
NVD GitHub
CVSS 3.1
9.8
EPSS
14.3%
CVE-2021-21346 CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE File Upload Java Oncommand Insight Activemq +14
NVD GitHub
CVSS 3.1
9.8
EPSS
76.4%
CVE-2021-21344 CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE File Upload Java Oncommand Insight Activemq +14
NVD GitHub
CVSS 3.1
9.8
EPSS
76.0%
CVE-2021-21351 CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE File Upload Java Oncommand Insight Activemq +14
NVD GitHub
CVSS 3.1
9.1
EPSS
82.1%
CVE-2021-21342 CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Deserialization Java Oncommand Insight Activemq Jmeter +12
NVD GitHub
CVSS 3.1
9.1
EPSS
50.0%
CVE-2021-23274 CRITICAL Act Now

The Config UI component of TIBCO Software Inc.'s TIBCO API Exchange Gateway and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Api Exchange Gateway Api Exchange Gateway Distribution
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-29079 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +2
NVD
CVSS 3.1
9.6
EPSS
0.7%
CVE-2021-29078 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +8
NVD
CVSS 3.1
9.6
EPSS
0.8%
CVE-2021-29077 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbw30 Firmware Rbs40V Firmware Rbk852 Firmware +10
NVD
CVSS 3.1
9.6
EPSS
0.8%
CVE-2021-29076 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +2
NVD
CVSS 3.1
9.6
EPSS
0.8%
CVE-2021-29067 CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rbw30 Firmware Rbs40V Firmware Rbk852 Firmware +10
NVD
CVSS 3.1
9.6
EPSS
0.6%
CVE-2021-29066 CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +2
NVD
CVSS 3.1
9.6
EPSS
0.6%
CVE-2021-29065 CRITICAL Act Now

NETGEAR RBR850 devices before 3.2.10.11 are affected by authentication bypass. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rbr850 Firmware
NVD
CVSS 3.1
9.6
EPSS
0.6%
CVE-2021-29071 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated critical severity (CVSS 9.0), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +8
NVD
CVSS 3.1
9.0
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy