10 matches found
OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
Security Bulletin: Multiple security vulnerabilities has been identified in Websphere Application Server shipped with Tivoli Integrated Portal (CVE-2015-7450) (CVE-2015-2017)
Summary Embedded version of Websphere Application Server is shipped as a component of Tivoli Integrated Portal. Information about the security vulnerabilities affecting Embedded version of Websphere Application Server has been published in a security bulletin. Vulnerability Details Please consult...
UBUNTU-CVE-2017-10388
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
CVE-2017-3289
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...
OpenJDK: insufficient byte type checks (Hotspot, 8132051)
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component...
OpenJDK: JTable not properly performing certain access checks (Swing, 8013744)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing...
CVE-2008-4866
Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAXREORDERDELAY...
FreeBSD : pear-XML_RPC -- remote PHP code injection vulnerability (e65ad1bf-0d8b-11da-90d0-00304823c0d3)
A Hardened-PHP Project Security Advisory reports : When the library parses XMLRPC requests/responses, it constructs a string of PHP code, that is later evaluated. This means any failure to properly handle the construction of this string can result in arbitrary execution of PHP code. This new...
Acme thttpd 1.92.0.x - CGI Test Script Cross-Site Scripting
Acme thttpd 1.92.0.x - CGI Test Script Cross-Site Scripting source: https://www.securityfocus.com/bid/9474/info thttpd is prone to a cross-site scripting vulnerability in the CGI test script. This could permit a remote attacker to create a malicious link to the web server that includes hostile HT...
Acme thttpd 1.9/2.0.x - CGI Test Script Cross-Site Scripting
source: https://www.securityfocus.com/bid/9474/info thttpd is prone to a cross-site scripting vulnerability in the CGI test script. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML and script code. If this link were followed, the hostile...