
110 matches found

Tenable Nessus
added 2019/07/23 12:0 a.m. | 51 views

RHEL 7 : java-1.8.0-openjdk (RHSA-2019:1815)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1815 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

CVSS: 5.8 | AI score: 6.9 | EPSS: 0.04472
Exploits: 0 | References: 15

Tenable Nessus
added 2019/07/23 12:0 a.m. | 36 views

RHEL 7 : java-11-openjdk (RHSA-2019:1810)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1810 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

CVSS: 5.8 | AI score: 6.8 | EPSS: 0.04472
Exploits: 0 | References: 17

Tenable Nessus
added 2019/07/23 12:0 a.m. | 40 views

Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20190722)

Security Fixes : - OpenJDK: Side-channel attack risks in Elliptic Curve EC cryptography Security, 8208698 CVE-2019-2745 - OpenJDK: Insufficient checks of suppressed exceptions in deserialization Utilities, 8212328 CVE-2019-2762 - OpenJDK: Unbounded memory allocation during deserialization in...

CVSS: 5.8 | AI score: 6.5 | EPSS: 0.04472
Exploits: 0 | References: 7

Tenable Nessus
added 2019/07/23 12:0 a.m. | 47 views

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2019-1815)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-1815 advisory. 1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz1724452 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. -...

CVSS: 5.8 | AI score: 6.7 | EPSS: 0.04472
Exploits: 0 | References: 7

RedHat Linux
added 2019/07/22 12:58 p.m. | 5 views

OpenJDK: Missing URL format validation (Networking, 8221518)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

CVSS: 5.8 | AI score: 7.3 | EPSS: 0.02296
Exploits: 0 | References: 4

RedHat Linux
added 2019/07/22 12:48 p.m. | 130 views

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS: 5.8 | AI score: 6.7 | EPSS: 0.04472
Exploits: 0 | References: 7

RedHat Linux
added 2019/07/22 12:41 p.m. | 137 views

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS: 5.8 | AI score: 6.7 | EPSS: 0.04472
Exploits: 0 | References: 7

RedHat Linux
added 2019/07/22 12:41 p.m. | 4 views

OpenJDK: Missing URL format validation (Networking, 8221518)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

CVSS: 5.8 | AI score: 7.3 | EPSS: 0.02296
Exploits: 0 | References: 4

RedHat Linux
added 2019/07/22 12:41 p.m. | 95 views

Moderate: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS: 5.8 | AI score: 6.7 | EPSS: 0.04472
Exploits: 0 | References: 8

OSV
added 2019/07/10 8:15 p.m. | 2 views

CVE-2019-0327

SAP NetWeaver for Java Application Server - Web Container, engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5, servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5, allows an attacker to upload files including script files without proper file format validation...

CVSS: 7.2 | AI score: 7.1 | EPSS: 0.02098
Exploits: 0 | References: 3

CNVD
added 2019/03/19 12:0 a.m. | 4 views

Ruby on Rails Arbitrary File Read Vulnerability

Ruby on Rails is a very productive, high-maintenance, and easy-to-deploy web development framework developed using Ruby, and is one of the preferred frameworks for web application development worldwide. Ruby on Rai...

CVSS: 7.5 | AI score: 7 | EPSS: 0.98507
Exploits: 18 | References: 1

OSV
added 2019/02/15 6:29 p.m. | 1 view

CVE-2019-0259

SAP BusinessObjects, versions 4.2 and 4.3, Visual Difference allows an attacker to upload any file including script files without proper file format validation...

CVSS: 9.8 | AI score: 5.8 | EPSS: 0.02016
Exploits: 0 | References: 3

Prion
added 2019/02/15 6:29 p.m. | 16 views

Input validation

SAP BusinessObjects, versions 4.2 and 4.3, Visual Difference allows an attacker to upload any file including script files without proper file format validation...

CVSS: 7.5 | AI score: 9.4 | EPSS: 0.02016
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2019/02/15 6:0 p.m. | 16 views

CVE-2019-0259

SAP BusinessObjects, versions 4.2 and 4.3, Visual Difference allows an attacker to upload any file including script files without proper file format validation...

AI score: 9.5 | EPSS: 0.02016
Exploits: 0 | References: 3

CNVD
added 2018/10/17 12:0 a.m. | 2 views

Foxit Reader and Foxit PhantomPDF for Windows Remote Code Execution Vulnerability (CNVD-2018-21826)

Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Software Corporation. Foxit PhantomPDF for Windows is its commercial version. A vulnerability exists in the handling of JSON objects in Foxit Reader 9.2.0.9297 and earlier versions and Foxit PhantomPDF...

CVSS: 8.8 | AI score: 8.8 | EPSS: 0.03918
Exploits: 0 | References: 1

CNVD
added 2018/05/22 12:0 a.m. | 2 views

SAP Internet Graphics Server Arbitrary File Upload Vulnerability

SAP Internet Graphics Server IGS is a graphics server from SAP, Germany. The product is capable of generating graphs or charts in different areas. A security vulnerability exists in SAP IGS that stems from the program's failure to properly validate file formats. An attacker could exploit the...

CVSS: 9.8 | AI score: 7 | EPSS: 0.0158
Exploits: 0 | References: 1

NVD
added 2018/05/09 8:29 p.m. | 22 views

CVE-2018-2420

SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to upload any file including script files without proper file format validation...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.0158
Exploits: 0 | References: 3

CNVD
added 2018/04/12 12:0 a.m. | 2 views

SAP Disclosure Management File Upload Vulnerability

SAP Disclosure Management is an automated financial disclosure management system from SAP. The system provides a collaborative financial disclosure process across teams, geographies, systems and data sources. A security vulnerability exists in SAP Disclosure Management version 10.1, which stems...

CVSS: 9.8 | AI score: 6.8 | EPSS: 0.01951
Exploits: 0 | References: 1

OSV
added 2018/04/10 3:29 p.m. | 1 view

CVE-2018-2404

SAP Disclosure Management 10.1 allows an attacker to upload any file without proper file format validation...

CVSS: 9.8 | AI score: 5.8
Exploits: 0 | References: 3

NVD
added 2018/04/10 3:29 p.m. | 16 views

CVE-2018-2404

SAP Disclosure Management 10.1 allows an attacker to upload any file without proper file format validation...

CVSS: 9.8 | AI score: 5.7 | EPSS: 0.01951
Exploits: 0 | References: 3