Lucene search
+L

246 matches found

RedHat Linux
RedHat Linux
added 2021/10/20 1:47 p.m.8 views

OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

5.3CVSS6.9AI score0.07819EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/10/20 1:36 p.m.5 views

OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Utility. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

5.3CVSS7.4AI score0.06468EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/10/20 1:21 p.m.6 views

OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

5.3CVSS6.9AI score0.07819EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/10/20 1:12 p.m.2 views

OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

5.3CVSS6.9AI score0.14839EPSS
Exploits0References4
OSV
OSV
added 2021/10/20 12:41 p.m.41 views

RLSA-2021:3891 Important: java-11-openjdk security update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using Kerberos...

6.8CVSS6.5AI score0.14839EPSS
Exploits0References11
OPENSUSE Linux
OPENSUSE Linux
added 2021/08/10 12:0 a.m.80 views

Security update for apache-commons-compress (important)

openSUSE Security Update: Security update for apache-commons-compress Announcement ID: openSUSE-SU-2021:1115-1 Rating: important References: 1188463 1188464 1188465 1188466 Cross-References: CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090 CVSS scores: CVE-2021-35515 NVD : 7.5...

7.5CVSS6.4AI score0.12945EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/07/21 12:0 a.m.101 views

Oracle Linux 8 : systemd (ELSA-2021-2717)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2717 advisory. 239-45.0.2 - Disable unprivileged BPF by default Orabug: 32870980 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev rules: fix memory hot add an...

5.5CVSS6.6AI score0.0865EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2021/06/01 12:0 a.m.62 views

Ubuntu 18.04 LTS / 20.04 LTS : libwebp vulnerabilities (USN-4971-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4971-1 advisory. It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a...

9.8CVSS7.9AI score0.02662EPSS
Exploits0References12
Microsoft CVE
Microsoft CVE
added 2021/05/25 7:0 a.m.5 views

A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability.

...

7.5CVSS7AI score0.01966EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2018:3465-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS8.1AI score0.03645EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/01/14 12:0 a.m.36 views

FreeBSD : jenkins -- multiple vulnerabilities (d6f76976-e86d-4f9a-9362-76c849b10db2)

Jenkins Security Advisory : DescriptionMedium SECURITY-1452 / CVE-2021-21602 Arbitrary file read vulnerability in workspace browsers High SECURITY-1889 / CVE-2021-21603 XSS vulnerability in notification bar High SECURITY-1923 / CVE-2021-21604 Improper handling of REST API XML deserialization erro...

8CVSS5.8AI score0.02226EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/12/16 12:0 a.m.56 views

JFrog Artifactory < 7.10.5 Multiple Vulnerabilities

According to its self-reported version number, the version of JFrog Artifactory installed on the remote machine is prior to 7.10.5. It is, therefore, affected by multiple vulnerabilities: - CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to...

7.5CVSS7AI score0.0895EPSS
Exploits1References3
Veracode
Veracode
added 2020/09/21 6:19 a.m.29 views

Denial Of Service (DoS)

binutils is vulnerable to denial of service DoS. The vulnerability exists through an excessive memory allocation in bfdelfslurpversiontables in elf.c...

5.5CVSS2.9AI score0.01097EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2020/09/06 8:33 p.m.8 views

MGASA-2020-0364 Updated python-rsa packages fix security vulnerability

Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior such as by...

7.5CVSS7.4AI score0.01359EPSS
Exploits1References3
Microsoft CVE
Microsoft CVE
added 2020/08/18 12:0 a.m.2 views

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.

...

5.5CVSS6.6AI score0.01228EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2020/06/11 7:9 a.m.4 views

cryptacular: excessive memory allocation during a decode operation

CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...

7.5CVSS7.4AI score0.03334EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2020/06/10 8:2 p.m.60 views

Denial of Service in Cryptacular

CiphertextHeader.java in Cryptacular before 1.2.4, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...

7.5CVSS4.8AI score0.03334EPSS
Exploits1References24Affected Software1
OpenVAS
OpenVAS
added 2020/04/30 12:0 a.m.51 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-1548)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.04037EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2020/04/16 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for OpenEXR (EulerOS-SA-2020-1416)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.4AI score0.02001EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/03/13 12:0 a.m.39 views

Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2020-1190)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.03691EPSS
Exploits7References2
Rows per page
Query Builder