106 matches found
Important: Red Hat Security Advisory: java-1.8.0-ibm security update
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: java-1.8.0-ibm security update
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 6 : java-1.7.1-ibm (RHSA-2020:2236)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2236 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...
RUSTSEC-2020-0019 tokio-rustls reads may cause excessive memory usage
tokio-rustls does not call processnewpackets immediately after read, so the expected termination condition wantsread always returns true. As long as new incoming data arrives faster than it is processed and the reader does not return pending, data will be buffered. This may cause DoS...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service flaw. Flaws in OpenSSL's DTLS implementation allows a remote attacker to cause a DTLS server to use excessive amounts of memory, or crash on an invalid memory access or NULL pointer dereference...
Denial Of Service (DoS)
pidgin is vulnerable to denial of service. A denial of service flaw was found in the Pidgin OSCAR protocol implementation. If a remote ICQ user sent a web message to a local Pidgin user using this protocol, it would cause excessive memory usage, leading to a denial of service Pidgin crash...
Denial Of Service (DoS)
Apache Tika parser is vulnerable to denial of service. The vulnerability exists as the value of imageResourcesSectionSize could cause excessive memory usage and potentially leads to an application crash...
Important: Red Hat Security Advisory: java-1.7.0-openjdk security update
An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
MGASA-2020-0069 Updated java-1.8.0-openjdk packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Improper checks of SASL message properties in GssKrb5Base Security, 8226352 CVE-2020-2590 Incorrect exception processing during deserialization in BeanContextSupport Serialization, 8224909 CVE-2020-2583 Incorrect isBuiltinStreamHandler causing UR...
Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2019-2138)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20200121)
Security Fixes : - OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS Security, 8229951 CVE-2020-2601 - OpenJDK: Serialization filter changes via jdk.serialFilter property modification Serialization, 8231422 CVE-2020-2604 - OpenJDK: Improper checks of SASL message properties in GssKrb5Base...
OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)
Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...
RHEL 6 : java-1.8.0-openjdk (RHSA-2020:0157)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0157 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
OPENSUSE-SU-2019:2120-1 Security update for nginx
This update for nginx fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed a denial of service by manipulating the window size and stream prioritization bsc1145579. - CVE-2019-9513: Fixed a denial of service caused by resource loops bsc1145580. - CVE-2019-9516: Fixed a denial...
Excessive memory usage in HTTP/2 with zero length headers
Excessive memory usage in HTTP/2 with zero length headers Severity: low CVE-2019-9516 Not vulnerable: 1.17.3+, 1.16.1+ Vulnerable: 1.9.5-1.17.2...
Denial of service
A denial of service flaw was found in dovecot before 2.2.34. An attacker able to generate random SNI server names could exploit TLS SNI configuration lookups, leading to excessive memory usage and the process to restart...
The vulnerability of the Android CAF-release operating system, related to resource management errors, allows attackers to exploit excessive memory usage.
The vulnerability of the Android CAF-release operating system is related to resource management errors. Exploiting this vulnerability allows a remote attacker to utilize excessive memory during file loading...
Critical: java-1.8.0-openjdk
Issue Overview: It was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions...
Amazon Linux AMI : bind (ALAS-2015-465)
A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. CVE-2014-8500 C Tenable...
python2: multiple issues
CVE-2013-1752 denial of service Multiple unbound readline flaws in python stdlib were found, which can lead to excessive memory usage if a malicious or broken server sends excessively long lines without any line breaks. - CVE-2013-1753 denial of service The XMLRPC library is vulnerable to...