Skip to main content

Jmeter

14 CVEs product

Monthly

CVE-2021-21351 Maven CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE File Upload Java Oncommand Insight Activemq +14
NVD GitHub
CVSS 3.1
9.1
EPSS
82.1%
CVE-2021-21350 Maven CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE File Upload Java Oncommand Insight Activemq +14
NVD GitHub
CVSS 3.1
9.8
EPSS
15.2%
CVE-2021-21349 Maven HIGH POC PATCH THREAT This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Deserialization Java Oncommand Insight Activemq Jmeter +14
NVD GitHub
CVSS 3.1
8.6
EPSS
46.8%
CVE-2021-21348 Maven HIGH PATCH This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Java Oncommand Insight Activemq Jmeter +13
NVD GitHub
CVSS 3.1
7.5
EPSS
13.8%
CVE-2021-21347 Maven CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE File Upload Java Oncommand Insight Activemq +14
NVD GitHub
CVSS 3.1
9.8
EPSS
14.3%
CVE-2021-21346 Maven CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE File Upload Java Oncommand Insight Activemq +14
NVD GitHub
CVSS 3.1
9.8
EPSS
76.4%
CVE-2021-21345 Maven CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Code Injection Java Oncommand Insight Activemq +14
NVD GitHub
CVSS 3.1
9.9
EPSS
72.3%
CVE-2021-21344 Maven CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE File Upload Java Oncommand Insight Activemq +14
NVD GitHub
CVSS 3.1
9.8
EPSS
76.0%
CVE-2021-21343 Maven HIGH POC PATCH THREAT This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection Java Oncommand Insight Activemq Jmeter +12
NVD GitHub
CVSS 3.1
7.5
EPSS
46.7%
CVE-2021-21342 Maven CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Deserialization Java Oncommand Insight Activemq Jmeter +12
NVD GitHub
CVSS 3.1
9.1
EPSS
50.0%
CVE-2021-21341 Maven HIGH POC PATCH THREAT This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Java Oncommand Insight Activemq Jmeter +10
NVD GitHub
CVSS 3.1
7.5
EPSS
77.8%
CVE-2019-0187 Maven CRITICAL PATCH Act Now

Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Jmeter
NVD
CVSS 3.0
9.8
EPSS
2.7%
CVE-2018-1287 Maven CRITICAL PATCH Act Now

In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apache Jmeter
NVD
CVSS 3.0
9.8
EPSS
3.4%
CVE-2018-1297 Maven CRITICAL PATCH Act Now

When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apache Jmeter
NVD
CVSS 3.0
9.8
EPSS
10.1%
EPSS 82% CVSS 9.1
CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE File Upload Java +16
NVD GitHub
EPSS 15% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE File Upload Java +16
NVD GitHub
EPSS 47% CVSS 8.6
HIGH POC PATCH THREAT This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Deserialization Java Oncommand Insight +16
NVD GitHub
EPSS 14% CVSS 7.5
HIGH PATCH This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Java Oncommand Insight +15
NVD GitHub
EPSS 14% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE File Upload Java +16
NVD GitHub
EPSS 76% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE File Upload Java +16
NVD GitHub
EPSS 72% CVSS 9.9
CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Code Injection Java +16
NVD GitHub
EPSS 76% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE File Upload Java +16
NVD GitHub
EPSS 47% CVSS 7.5
HIGH POC PATCH THREAT This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection Java Oncommand Insight +14
NVD GitHub
EPSS 50% CVSS 9.1
CRITICAL POC PATCH THREAT Act Now

XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Deserialization Java Oncommand Insight +14
NVD GitHub
EPSS 78% CVSS 7.5
HIGH POC PATCH THREAT This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Java Oncommand Insight +12
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Jmeter
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apache Jmeter
NVD
EPSS 10% CVSS 9.8
CRITICAL PATCH Act Now

When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apache Jmeter
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy