113 matches found
MiracleLinux 8 : java-11-openjdk-11.0.13.0.8-1.el8 (AXSA:2021-2492:13)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2492:13 advisory. OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using...
CVE-2022-35559
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.94122, which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution...
Siemens Ruggedcom ROX Uncontrolled Resource Consumption (CVE-2021-35559)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
CVE-2021-35559 vulnerabilities
Vulnerabilities for packages: openjdk-26-openj9, openjdk-21-openj9, openjdk-17-openj9, openjdk-25-openj9, openjdk-11-openj9, openjdk-8-openj9...
MAL-2025-35559 Malicious code in test-mlw2-inkle-jinns (npm)
The package test-mlw2-inkle-jinns was found to contain malicious code...
CVE-2020-35559
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unused function that allows an authenticated attacker to use up all available IPs of an account and thus not allow creation of new devices and users...
CVE-2024-35559
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoMovedeal.php?mudi=rev=close...
CentOS 7 : java-1.8.0-ibm (RHSA-2021:5030)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5030 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are...
Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2024-009)
The version of java-11-openjdk installed on the remote host is prior to 11.0.13.0.8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2JAVA-OPENJDK11-2024-009 advisory. Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...
CVE-2024-35559
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoMovedeal.php?mudi=rev&nohrefStr=close...
CVE-2024-35559
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoMovedeal.php?mudi=rev&nohrefStr=close...
CVE-2024-35559
idccms v1.35 contains a Cross-Site Request Forgery (CSRF) vulnerability in the admin/infoMove_deal.php endpoint (parameters mudi and nohrefStr=close). CVSS v3.1 base score 8.8 (HIGH): Network attack vector, no privileges required, user interaction required, and with high confidentiality, integrit...
SUSE SLES12: java-1_7_0-openjdk / java-1_7_0-openjdk-demo / etc (SUSE-SU-2021:3797-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3797-1 advisory. Update to OpenJDK 7u321 October 2021 CPU: - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS bsc1191901. -...
Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect Liberty for Java for IBM Cloud October 2021 CPU
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with Liberty for Java for IBM Cloud. These might affect some configurations of Liberty for Java for IBM Cloud. These products have addressed the applicable CVEs. If you run your own Java code usin...
Security Bulletin: Multiple vulnerabilities have been identified in Oracle October 2021 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564, CVE-2021-35559, CVE)
Summary Multiple vulnerabilities have been identified in Oracle October 2021 CPU for Java 8 which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs...
Fixed 50 CVEs in java-1.7.0-openjdk
Bump to 2.6.28 and OpenJDK 7u351-b01. - Security fixes in 7u351: - CVE-2022-21540: Improve class compilation JDK-8281859 - CVE-2022-21541: Enhance MethodHandle invocations JDK-8281866 - CVE-2022-34169: Improve Xalan supports JDK-8285407 - Security fixes in 7u341: - CVE-2022-21426: Better XPath...
CVE-2022-35559
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.94122, which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution...
CVE-2022-35559
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.94122, which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution...
CVE-2022-35559
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.94122, which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution...
CVE-2022-35559
CVE-2022-35559 is a stack overflow in Tenda W6’s /goform/setAutoPing (v1.0.0.9(4122)) that could allow a remote attacker to trigger arbitrary code execution. Multiple sources (NVD, Red Hat, CNVD, PT Security) describe a vulnerability in the setAutoPing endpoint causing buffer overflow. The primar...