Sandbox Restrictions Bypass
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Arbitrary Code Execution
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Sandbox Restrictions Bypass
OpenJDK 7 Java Runtime Environment and Software Development Kit is susceptible to sandbox restriction bypass. Due to the flaws in ImagingLib and the image attribute, channel, layout and raster processing in the 2D component, it does not prevent an untrusted Java application or applet to trigger...
Sandbox Restrictions Bypass
OpenJDK 7 Java Runtime Environment and Software Development Kit is susceptible to sandbox restriction bypass. Due to the flaws in ImagingLib and the image attribute, channel, layout and raster processing in the 2D component, it does not prevent an untrusted Java application or applet to trigger...
Permission Check Bypass
OpenJDK 7 Java Runtime Environment and OpenJDK 7 Software Development Kit is vulnerable to permission check bypass. The attack is due to incorrect setter access check in MethodHandles.java, allowing an attacker to set value of a final field...
Sandbox Restrictions Bypass
OpenJDK 7 Java Runtime Environment and OpenJDK 7 Software Development Kit is vulnerable to sandbox restrictions bypass. It is due to improper method-invocation restrictions by the MethodUtil trampoline class allowing remote attackers to bypass the Java sandbox...
Information Disclosure
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Information Disclosure
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Arbitrary Code Execution
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
SUSE SLED12 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2019:1000-1)
This update for ntfs-3g_ntfsprogs fixes the following issues. Security issues fixed: CVE-2019-9755: Fixed a heap-based buffer overflow which could lead to local privilege escalation (bsc#1130165). Note that Tenable Network Security has extracted the preceding description block directly from the SUS...
Microsoft Open Enclave SDK Information Disclosure Vulnerability
Microsoft Open Enclave SDK is a Microsoft SDK (Software Development Kit) for building secure zone applications in C and C++. An information disclosure vulnerability exists in the Open Enclave SDK, which arises from errors such as configuration during operation of a networked system or product. An...
EDK2 Memory Write Vulnerability
EDK2 is a set of cross-platform firmware development environment based on UEFI and PI specifications. A security vulnerability exists in EDK2's SMM service that stems from the program's failure to adequately perform memory write checks. A local attacker could exploit the vulnerability to elevate...
EDK2 Buffer Overflow Vulnerability (CNVD-2019-08728)
EDK2 is a set of cross-platform firmware development environment based on UEFI and PI specifications. A buffer overflow vulnerability exists in EDK2's DxeCore, which can be exploited by a local attacker to elevate privileges, disclose information, and/or cause a denial of service...
DEBIAN-CVE-2018-12183
Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access...
UBUNTU-CVE-2019-0161
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access...
UBUNTU-CVE-2018-3613
Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access...
Virtuozzo 6 : java-1.7.0-openjdk / java-1.7.0-openjdk-demo / etc (VZLSA-2019-0462)
An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Intel SGX SDK Double Release Vulnerability
Intel SGX SDK is a set of software development kits based on SGX (Intel Software Security Extensions) technology from the U.S. company Intel. A double release vulnerability exists in Intel SGX SDK. An attacker could exploit this vulnerability to disclose information...
The vulnerability of the web server for the software development tools, Intel Data Center Manager SDK, allows a perpetrator to increase their privileges.
The vulnerability of the Intel Data Center Manager SDK, a tool for developing software, is related to improper session management. Exploiting this vulnerability can allow attackers to enhance their privileges...
JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()
In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. These functions were not directly callable by non-native user code...