← Back

Business Activity Monitoring

business_activity_monitoring

Vendor: Oracle • 29 CVEs

CVEs (29)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-39152
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
May 23, 2025
Aug 23, 2021
N/A· v4
8.5 HIGH· v3
6.0 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime version 14 to 8. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the [Security Framework](https://x-stream.github.io/security.html#framework), you will have to use at least version 1.4.18.Show less
CVE-2021-39150
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
May 23, 2025
Aug 23, 2021
N/A· v4
8.5 HIGH· v3
6.0 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime version 14 to 8. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the [Security Framework](https://x-stream.github.io/security.html#framework), you will have to use at least version 1.4.18.Show less
CVE-2021-39140
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
May 23, 2025
Aug 23, 2021
N/A· v4
6.3 MEDIUM· v3
6.3 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.Show less
CVE-2021-39154
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
May 23, 2025
Aug 23, 2021
N/A· v4
8.5 HIGH· v3
6.0 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the p...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.Show less
CVE-2021-39153
5Debian
FedoraprojectNetapp+2 more
13Business Activity Monitoring
Communications Billing And Revenue Management Elastic Charging EngineCommunications Cloud Native Core Automated Test Suite+10 more
May 23, 2025
Aug 23, 2021
N/A· v4
8.5 HIGH· v3
6.0 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the p...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if using the version out of the box with Java runtime version 14 to 8 or with JavaFX installed. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.Show less
CVE-2021-39151
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
May 23, 2025
Aug 23, 2021
N/A· v4
8.5 HIGH· v3
6.0 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the p...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.Show less
CVE-2021-39149
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
May 23, 2025
Aug 23, 2021
N/A· v4
8.5 HIGH· v3
6.0 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the p...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.Show less
CVE-2021-39148
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
May 23, 2025
Aug 23, 2021
N/A· v4
8.5 HIGH· v3
6.0 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the p...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.Show less
CVE-2021-39147
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
May 23, 2025
Aug 23, 2021
N/A· v4
8.5 HIGH· v3
6.0 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the p...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.Show less
CVE-2021-39146
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
May 23, 2025
Aug 23, 2021
N/A· v4
8.5 HIGH· v3
6.0 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the p...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.Show less
CVE-2021-39145
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
May 23, 2025
Aug 23, 2021
N/A· v4
8.5 HIGH· v3
6.0 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the p...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.Show less
CVE-2021-39144
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
Oct 24, 2025
Aug 23, 2021
N/A· v4
8.5 HIGH· v3
6.0 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the p...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.Show less
CVE-2021-39141
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
May 23, 2025
Aug 23, 2021
N/A· v4
8.5 HIGH· v3
6.0 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the p...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.Show less
CVE-2021-39139
5Debian
FedoraprojectNetapp+2 more
15Business Activity Monitoring
Commerce Guided SearchCommunications Billing And Revenue Management Elastic Charging Engine+12 more
May 23, 2025
Aug 23, 2021
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the p...Show more
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. A user is only affected if using the version out of the box with JDK 1.7u21 or below. However, this scenario can be adjusted easily to an external Xalan that works regardless of the version of the Java runtime. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.Show less
CVE-2021-29505
5Debian
FedoraprojectNetapp+2 more
17Banking Cash Management
Banking Corporate Lending Process ManagementBanking Credit Facilities Process Management+14 more
May 30, 2025
May 28, 2021
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipu...Show more
XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types is affected. The vulnerability is patched in version 1.4.17.Show less
CVE-2021-21351
6Apache
DebianFedoraproject+3 more
16Activemq
Banking Enterprise Default ManagementBanking Platform+13 more
May 23, 2025
Mar 23, 2021
N/A· v4
9.1 CRITICAL· v3
6.5 MEDIUM· v2
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by m...Show more
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.Show less
CVE-2021-21350
6Apache
DebianFedoraproject+3 more
16Activemq
Banking Enterprise Default ManagementBanking Platform+13 more
May 23, 2025
Mar 23, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code only by manipulating the proces...Show more
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.Show less
CVE-2021-21349
6Apache
DebianFedoraproject+3 more
17Activemq
Banking Enterprise Default ManagementBanking Platform+14 more
May 23, 2025
Mar 23, 2021
N/A· v4
8.6 HIGH· v3
5.0 MEDIUM· v2
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publ...Show more
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.Show less
CVE-2021-21348
6Apache
DebianFedoraproject+3 more
16Activemq
Banking Enterprise Default ManagementBanking Platform+13 more
May 23, 2025
Mar 23, 2021
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and wil...Show more
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.Show less
CVE-2021-21347
6Apache
DebianFedoraproject+3 more
16Activemq
Banking Enterprise Default ManagementBanking Platform+13 more
May 23, 2025
Mar 23, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host onl...Show more
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.Show less