1683 matches found
DEBIAN-CVE-2023-29535
Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for Android 112, and...
USN-6077-1: OpenJDK vulnerabilities
Ben Smyth discovered that OpenJDK incorrectly handled half-duplex connections during TLS handshake. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. CVE-2023-21930 It was discovered that OpenJDK incorrectly handled certain inputs. An attacker could...
USN-6077-1 openjdk-8, openjdk-lts, openjdk-17, openjdk-20 vulnerabilities
Ben Smyth discovered that OpenJDK incorrectly handled half-duplex connections during TLS handshake. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. CVE-2023-21930 It was discovered that OpenJDK incorrectly handled certain inputs. An attacker could...
kernel: ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU
A flaw in the routing table size was found in the ICMPv6 handling of "Packet Too Big". The size of the routing table is regulated by periodic garbage collection. However, with "Packet Too Big Messages" it is possible to exceed the routing table size and garbage collector threshold. A user located...
OpenJDK: incorrect enqueue of references in garbage collector (8298191)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...
OpenJDK: incorrect enqueue of references in garbage collector (8298191)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...
OpenJDK: incorrect enqueue of references in garbage collector (8298191)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...
Mozilla: Potential Memory Corruption following Garbage Collector compaction
The Mozilla Foundation Security Advisory describes this flaw as: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash...
Mozilla: Potential Memory Corruption following Garbage Collector compaction
The Mozilla Foundation Security Advisory describes this flaw as: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash...
Mozilla: Potential Memory Corruption following Garbage Collector compaction
The Mozilla Foundation Security Advisory describes this flaw as: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash...
Mozilla: Potential Memory Corruption following Garbage Collector compaction
The Mozilla Foundation Security Advisory describes this flaw as: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash...
Mozilla: Potential Memory Corruption following Garbage Collector compaction
The Mozilla Foundation Security Advisory describes this flaw as: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash...
Mozilla: Potential Memory Corruption following Garbage Collector compaction
The Mozilla Foundation Security Advisory describes this flaw as: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash...
Mozilla: Potential Memory Corruption following Garbage Collector compaction
The Mozilla Foundation Security Advisory describes this flaw as: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash...
Mozilla: Potential Memory Corruption following Garbage Collector compaction
The Mozilla Foundation Security Advisory describes this flaw as: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash...
SUSE CVE-2023-29535
Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for Android 112, and...
PT-2023-22312 · Cesanta · Cesanta Mjs
Name of the Vulnerable Software and Affected Versions: Cesanta MJS version 2.20.0 Description: The issue is related to a SEGV vulnerability via gc sweep at src/mjs gc.c, which can lead to a Denial of Service DoS. Recommendations: For Cesanta MJS version 2.20.0, at the moment, there is no...
CVE-2022-43928
The IBM Toolbox for Java Db2 Mirror for i 7.4 and 7.5 could allow a user to obtain sensitive information, caused by utilizing a Java string for processing. Since Java strings are immutable, their contents exist in memory until garbage collected. This means sensitive data could be visible in memor...
CVE-2020-23257
Buffer Overflow vulnerability found in Espruino 2v05.41 allows an attacker to cause a denial of service via the function jsvGarbageCollectMarkUsed in file src/jsvar.c...
CVE-2022-3510
A flaw was found in Message-Type Extensions in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbag...