Security Bulletin: A vulnerability in IBM Java SDK affects Rational Application Developer for WebSphere (CVE-2014-0453)

Summary There is a vulnerability in IBM SDK Java Technology Edition, Versions 5, 6, and 7 that is used by Rational Application Developer for WebSphere. This issue was disclosed as part of the IBM Java SDK updates in April 2014. Vulnerability Details | Subscribe to My Notifications to be notified ...

dpdk: possible memory leak leads to denial of service

A flaw was found in dpdk where a malicious master, or a container with access to vhostuser socket, can send specially crafted VRINGSETNUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition...

CVE-2019-14843

A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access unauthorized information and possibly conduct further attacks. Versions shipped with Red Hat Jboss E...

JDK: Unrestricted access to diagnostic operations

From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks...

UBUNTU-CVE-2019-14563

Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access...

EulerOS 2.0 SP2 : java-1.8.0-openjdk (EulerOS-SA-2019-2374)

According to the version of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.Security...

JDK: Unrestricted access to diagnostic operations

From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks...

Autodesk FBX Software Development Kit Buffer Overflow Vulnerability

Autodesk FBX Software Development Kit is a software development kit SDK for working with FBX format files from Autodesk USA. A buffer overflow vulnerability exists in the Autodesk FBX Software Development Kit. The vulnerability originates when a networked system or product performs an operation i...

CVE-2019-7366

Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system...

CVE-2019-7366

Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system...

wildfly-security-manager: security manager authorization bypass

A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access unauthorized information and possibly conduct further attacks...

Weak Password Vulnerability in Tianrongxin NGFW® Next-Generation Firewall

NGFW®, the next-generation firewall of TIANRONGXIN, adopts its own patented operating system NGTOS and security engine, utilizes the advanced Intel® Xeon® processor family and integrates the packet processing framework provided by Intel® Data Plane Development Kit to provide network processing...

wildfly-security-manager: security manager authorization bypass

A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access unauthorized information and possibly conduct further attacks...

wildfly-security-manager: security manager authorization bypass

A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access unauthorized information and possibly conduct further attacks...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM® SDK Java™ Technology Edition, Version 6 shipped with IBM Netezza Analytics

Summary IBM Netezza Analytics does not use IBM SDK, Java Technology Edition, therefore the April IBM Java SDK update was not applicable to IBM Netezza Analytics. If you developed code using the IBM Java SDK that is shipped with IBM Netezza Analytics, you should evaluate your code to determine...

The vulnerability of the OpenJDK project for the Java programming language stems from lack of access control, allowing attackers to gain access to confidential data.

The vulnerability of the OpenJDK project for the Java programming language is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to confidential data...

wildfly-security-manager: security manager authorization bypass

A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access unauthorized information and possibly conduct further attacks...

The vulnerability of Intel Remote Displays SDK’s remote screens involves permission processing errors, allowing attackers to escalate their privileges.

The vulnerability of Intel Remote Displays SDK’s remote screens involves permission processing errors. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2019-14940

In Storage Performance Development Kit SPDK before 19.07, a user of a vhost can cause a crash if the target is sent invalid input...

CVE-2019-14940

In Storage Performance Development Kit SPDK before 19.07, a user of a vhost can cause a crash if the target is sent invalid input...