3647 matches found
OpenJDK: integer overflow in C1 compiler address generation (8322122)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...
OpenJDK: integer overflow in C1 compiler address generation (8322122)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...
Mozilla: Out-of-bounds-read after mis-optimized switch statement
The Mozilla Foundation Security Advisory describes this flaw as: In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads...
Mozilla: GetBoundName in the JIT returned the wrong object
The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...
Mozilla: GetBoundName in the JIT returned the wrong object
The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...
Mozilla: Out-of-bounds-read after mis-optimized switch statement
The Mozilla Foundation Security Advisory describes this flaw as: In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads...
OpenJDK: integer overflow in C1 compiler address generation (8322122)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...
Oracle OpenJDK 8.x - 21.x Vulnerability (Apr 2024)
Oracle OpenJDK is prone to a vulnerability in the hotspot/compiler component. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
OpenJDK: integer overflow in C1 compiler address generation (8322122)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...
OpenJDK: integer overflow in C1 compiler address generation (8322122)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...
OpenJDK: integer overflow in C1 compiler address generation (8322122)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...
OpenJDK: integer overflow in C1 compiler address generation (8322122)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...
OpenJDK: integer overflow in C1 compiler address generation (8322122)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...
CVE-2024-26858 net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadatamap Just simply reordering the functions mlx5eptpmetadatamapput and mlx5eptpsqtrackmetadata in the mlx5etxwqecomplete...
OpenJDK: integer overflow in C1 compiler address generation (8322122)
A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...
CVE-2024-21098
CVE-2024-21098 affects Oracle GraalVM for JDK (versions 17.0.10, 21.0.2, 22) and Oracle GraalVM Enterprise Edition (20.3.13, 21.3.9). The vulnerability can be exploited by an unauthenticated attacker over the network via multiple protocols to cause a partial denial of service. The connected docum...
PT-2024-3723 · Oracle +1 · Oracle Graalvm Enterprise Edition +2
Name of the Vulnerable Software and Affected Versions: Oracle GraalVM for JDK versions 17.0.10, 21.0.2, 22 Oracle GraalVM Enterprise Edition versions 20.3.13, 21.3.9 Description: The issue is related to insufficient protection of internal data in the Compiler component of Oracle GraalVM for JDK a...
Moderate: Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.12.1-376 Bug Fixes
Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates. The following updates for the Custom Metric Autoscaler operator for Red Hat OpenShift are now available: custom-metrics-autoscaler-adapter-container custom-metrics-autoscaler-admission-webhooks-container...
[SECURITY] Fedora 39 Update: rust-1.77.2-1.fc39
Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...
Security Bulletin: IBM Cloud Pak for Data Scheduling is vulnerable to directory traversal due to golang compiler ( CVE-2023-45283,CVE-2023-45284, CVE-2023-45285 )
Summary Golang compiler is used by IBM Cloud Pak for Data Scheduling to create the scheduler binaries. Vulnerability Details CVEID:CVE-2023-45283 DESCRIPTION: Golang Go could allow a remote attacker to traverse directories on the system, caused by the failure to recognize paths with a ??\ prefix...