16 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-20269
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and leak kernel internal...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-2588)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
libjpeg-turbo: heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c
A heap buffer over-read flaw was found in libjpeg-turbo. For certain types of smoothed jpeg images, the decompresssmoothdata function may improperly enter a condition statement that leads to heap memory read of uninitialized data, which may cause an application crash or loss of confidentiality...
Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a broadcast privilege control type vulnerability in the Bluetooth module. Successful...
SUSE CVE-2013-5780
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to...
SUSE CVE-2013-5800
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JGSS...
Huawei HarmonyOS 访问控制错误漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from the fact that some interfaces in the package management module are not authenticated an...
UBUNTU-CVE-2020-25657
A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality...
SUSE-SU-2017:2449-1 Recommended update for apache2
This update for apache2 provides the following fixes: Security issues fixed: CVE-2017-9788: The value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by modauthdigest. Providing an initial key with no '='...
OpenJDK: kerberos realm name leak (JGSS, 8048030)
Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS...
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality of protected information.
The vulnerability of the 389-ds-base-devel-1.3.1.6 package in the Red Hat Enterprise Linux operating system can lead to a violation of the confidentiality of protected information. This vulnerability can be exploited remotely...
DEBIAN-CVE-2014-6591
Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585...
JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality via unknown vectors related to Deployment...
OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU...
OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown...
OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091...