Lucene search
K

106 matches found

RedHat Linux
RedHat Linux
added 2020/05/20 4:26 p.m.110 views

Important: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.3CVSS6.7AI score0.0623EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2020/05/20 3:10 p.m.124 views

Important: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.3CVSS6.7AI score0.0623EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2020/05/20 12:0 a.m.41 views

RHEL 6 : java-1.7.1-ibm (RHSA-2020:2236)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2236 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

8.3CVSS6.8AI score0.0623EPSS
Exploits0References18
OSV
OSV
added 2020/05/19 12:0 p.m.23 views

RUSTSEC-2020-0019 tokio-rustls reads may cause excessive memory usage

tokio-rustls does not call processnewpackets immediately after read, so the expected termination condition wantsread always returns true. As long as new incoming data arrives faster than it is processed and the reader does not return pending, data will be buffered. This may cause DoS...

7.5CVSS7.5AI score0.01336EPSS
Exploits0References3
Veracode
Veracode
added 2020/04/10 12:42 a.m.36 views

Denial Of Service (DoS)

OpenSSL is vulnerable to denial of service flaw. Flaws in OpenSSL's DTLS implementation allows a remote attacker to cause a DTLS server to use excessive amounts of memory, or crash on an invalid memory access or NULL pointer dereference...

5CVSS4.4AI score0.80134EPSS
Exploits9References171Affected Software1
Veracode
Veracode
added 2020/04/10 12:33 a.m.23 views

Denial Of Service (DoS)

pidgin is vulnerable to denial of service. A denial of service flaw was found in the Pidgin OSCAR protocol implementation. If a remote ICQ user sent a web message to a local Pidgin user using this protocol, it would cause excessive memory usage, leading to a denial of service Pidgin crash...

5CVSS2.6AI score0.03377EPSS
Exploits1References18Affected Software1
Veracode
Veracode
added 2020/03/19 4:26 a.m.26 views

Denial Of Service (DoS)

Apache Tika parser is vulnerable to denial of service. The vulnerability exists as the value of imageResourcesSectionSize could cause excessive memory usage and potentially leads to an application crash...

5.5CVSS5.5AI score0.02926EPSS
Exploits0References7Affected Software1
RedHat Linux
RedHat Linux
added 2020/02/27 3:34 p.m.71 views

Important: Red Hat Security Advisory: java-1.7.0-openjdk security update

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1CVSS6.6AI score0.04903EPSS
Exploits0References8
OSV
OSV
added 2020/01/30 6:28 p.m.10 views

MGASA-2020-0069 Updated java-1.8.0-openjdk packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Improper checks of SASL message properties in GssKrb5Base Security, 8226352 CVE-2020-2590 Incorrect exception processing during deserialization in BeanContextSupport Serialization, 8224909 CVE-2020-2583 Incorrect isBuiltinStreamHandler causing UR...

8.1CVSS6.3AI score0.04903EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2019-2138)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.62579EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/01/22 12:0 a.m.52 views

Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20200121)

Security Fixes : - OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS Security, 8229951 CVE-2020-2601 - OpenJDK: Serialization filter changes via jdk.serialFilter property modification Serialization, 8231422 CVE-2020-2604 - OpenJDK: Improper checks of SASL message properties in GssKrb5Base...

8.1CVSS6.4AI score0.04903EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2020/01/21 3:10 a.m.5 views

OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)

Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...

4.3CVSS7.3AI score0.03823EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/01/21 12:0 a.m.38 views

RHEL 6 : java-1.8.0-openjdk (RHSA-2020:0157)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0157 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

8.1CVSS6.8AI score0.04903EPSS
Exploits0References16
OSV
OSV
added 2019/09/10 6:18 p.m.12 views

OPENSUSE-SU-2019:2120-1 Security update for nginx

This update for nginx fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed a denial of service by manipulating the window size and stream prioritization bsc1145579. - CVE-2019-9513: Fixed a denial of service caused by resource loops bsc1145580. - CVE-2019-9516: Fixed a denial...

8.2CVSS6.9AI score0.82017EPSS
Exploits1References13
Nginx
Nginx
added 2019/08/13 8:50 p.m.621 views

Excessive memory usage in HTTP/2 with zero length headers

Excessive memory usage in HTTP/2 with zero length headers Severity: low CVE-2019-9516 Not vulnerable: 1.17.3+, 1.16.1+ Vulnerable: 1.9.5-1.17.2...

7.5CVSS3.2AI score0.56262EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/03/02 3:29 p.m.24 views

Denial of service

A denial of service flaw was found in dovecot before 2.2.34. An attacker able to generate random SNI server names could exploit TLS SNI configuration lookups, leading to excessive memory usage and the process to restart...

4.3CVSS5.9AI score0.02643EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2017/09/01 12:0 a.m.7 views

The vulnerability of the Android CAF-release operating system, related to resource management errors, allows attackers to exploit excessive memory usage.

The vulnerability of the Android CAF-release operating system is related to resource management errors. Exploiting this vulnerability allows a remote attacker to utilize excessive memory during file loading...

10CVSS7.8AI score0.00964EPSS
Exploits0References2
Amazon
Amazon
added 2016/04/21 12:0 a.m.59 views

Critical: java-1.8.0-openjdk

Issue Overview: It was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions...

10CVSS8.9AI score0.92334EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/01/09 12:0 a.m.36 views

Amazon Linux AMI : bind (ALAS-2015-465)

A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. CVE-2014-8500 C Tenable...

7.8CVSS6.6AI score0.65683EPSS
Exploits0References2
ArchLinux
ArchLinux
added 2014/12/15 12:0 a.m.64 views

python2: multiple issues

CVE-2013-1752 denial of service Multiple unbound readline flaws in python stdlib were found, which can lead to excessive memory usage if a malicious or broken server sends excessively long lines without any line breaks. - CVE-2013-1753 denial of service The XMLRPC library is vulnerable to...

5.8CVSS0.4AI score0.03913EPSS
Exploits2References8
Rows per page
Query Builder