170 matches found
PT-2019-1859 · Oracle +5 · Java Se +6
Name of the Vulnerable Software and Affected Versions: Java SE versions 7u211 and 8u202 Description: The issue is related to insufficient access control in the 2D component of Oracle Java SE, which can be exploited by a remote attacker to gain full control over the application. This vulnerability...
Remote Code Execution (RCE)
openjdk is vulnerable to remote code execution RCE. An integer overflow occurs when the 2D component processes malicious sample model instances, allowing a remote attacker to corrupt memory and execute arbitrary code with virtual machine privileges...
Insecure Authorization
openjdk is vulnerable to insecure authorization. The 2D component created shared memory segments with insecure permissions, allowing a local attacker to exploit the vulnerability to read or write to the shared memory segment...
Zint Barcode Generator 2.6 - Denial of Service (PoC)
Zint Barcode Generator 2.6 - Denial of Service PoC Exploit Title: Zint Barcode Generator 2.6 - Denial of Service PoC Dork: N/A Date: 2018-11-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.zint.org.uk Software Link: https://sourceforge.net/projects/zint/files/latest/download Version:...
Zint Barcode Generator 2.6 - Denial of Service (PoC)
Exploit Title: Zint Barcode Generator 2.6 - Denial of Service PoC Dork: N/A Date: 2018-11-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.zint.org.uk Software Link: https://sourceforge.net/projects/zint/files/latest/download Version: 2.6 Category: Dos Tested on: WiN7x64/KaLiLinuXx64...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK including Logjam affect IBM Tivoli System Automation for Integrated Operations Management
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 that is used by IBM Tivoli System Automation for Integrated Operations Management. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam Attac...
Security Bulletin: July 2015 Java Platform Standard Edition Vulnerabilities in Multiple N series Products
Summary Multiple N series products incorporate the Oracle Java Platform, Standard Edition Java SE software libraries. Java SE JDK and JRE versions below 8u51, 7u85 and 6u101 and OpenJDK versions below 1.7.0.85 and 1.8.0.51 are susceptible to multiple vulnerabilities, potentially leading to an...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageSight (CVE-2016-5568, CVE-2016-5556, CVE-2016-5597, and CVE-2016-5554)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 7, 7R1 and 8 used by IBM MessageSight. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details CVEID: CVE-2016-5568 DESCRIPTION: An unspecified...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus (CVE-2016-5597, CVE-2016-5542, CVE-2016-5556)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition Version 7 that is used by Tivoli Netcool/OMNIbus. These were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details CVEID: CVE-2016-5597 DESCRIPTION: An unspecified...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Composite Application Manager for Transactions(Several CVEs)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6.0, 7.0 and 8.0 that is used by IBM Tivoli Composite Application Manager for Transactions. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Monitoring clients (CVE-2016-0363, CVE-2016-0376 plus additional CVEs.)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition that is used by IBM Tivoli Monitoring. These issues were disclosed as part of the IBM Java SDK updates in April 2016.. Vulnerability Details CVEID: CVE-2016-3443 DESCRIPTION: An unspecified vulnerabili...
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2016 - Includes Oracle Oct 2016 CPU affect IBM Content Collector for File Systems
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Java™ Version 6 and Java™ Version 7 that is used by Content Collector for File Systems Vulnerability Details CVEID: CVE-2016-5582 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE Embedded relat...
Security Bulletin: Multiple vulnerabilities in IBM Java affect IBM Security Network Protection
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by IBM Security Network Protection. These issues were disclosed as part of the IBM Java SDK updates in June 2015. CVE-2015-0138, CVE-2015-0192, CVE-2015-0204, CVE-2015-0458,...
Security Bulletin: SiteProtector System can be affected by several vulnerabilities in the IBM Java Runtime Environment (CVE-2013-6954, CVE-2013-6629, CVE-2014-2421, CVE-2014-0453, CVE-2014-1876, CVE-2014-4244, CVE-2014-4263) and in Tomcat (CVE-2014-0075)
Summary The IBM Security SiteProtector System product can be impacted by several vulnerabilities in the IBM SDK Java Technology Edition Version 6 and 7 as well as a vulnerability in Tomcat. Vulnerability Details Java Runtime Environment Vulnerability Details: CVE ID: CVE-2013-6954 DESCRIPTION: A...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime IBM affect IBM Decision Optimization Center (CVE-2016-5554, CVE-2016-5556, CVE-2016-5568)
Summary There are multiple vulnerabilities in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 6 and 7 used by IBM Decision Optimization Center. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details If you run your own Java code using the...
Security Bulletin:Multiple vulnerabilities in IBM® SDK Java™ Technology Edition affect IBM DB2 Recovery Expert for Linux, UNIX and Windows (CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0475, CVE-2016-0483, CVE-2016-0494, CVE-2015-7575)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM DB2 Recovery Expert for Linux, UNIX and Windows . Information about these vulnerabilities affecting IBM Java SDK has been published in a security bulletin. Vulnerability Details CVEID: CVE-2016-040...
Security Bulletin: Multiple Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Jan 2016 - Includes Oracle Jan 2016 CPU + 3 IBM CVEs affects IBM Algo One - Core, Algo Risk Application, and Counterparty Credit Risk
Summary Java SE issues disclosed in the Oracle January 2016 Critical Path Update. Affects Algo One - Core, Algo Risk Application, and Counterparty Credit Risk. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Process Designer used in IBM Business Process Manager and WebSphere Lombardi Edition
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM Process Designer in IBM Business Process Manager and WebSphere Lombardi Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2017. Vulnerability Details CVEID:...
Security Bulletin: Multiple vulnerabilities may affect IBM® WebSphere Real Time
Summary Java SE issues disclosed in the Oracle January 2017 Critical Patch Update Vulnerability Details CVE IDs: CVE-2017-3289 CVE-2017-3272 CVE-2017-3241 CVE-2016-5546 CVE-2017-3253 CVE-2016-5548 CVE-2016-5549 CVE-2017-3252 CVE-2016-5547 CVE-2016-5552 CVE-2017-3261 CVE-2017-3231 CVE-2017-3259...
Security Bulletin: CICS Transaction Gateway for Multiplatforms
Summary Multiple security vulnerabilities exist in the JREs shipped with CICS Transaction Gateway CICS TG for client applications. CICS TG itself is not vulnerable to all these risks but client side applications using the CICS TG supplied JREs might be. Vulnerability Details CVEID: CVE-2016-3443...