Scientific Linux Security Update : java-11-openjdk on SL7.x x86_64 (20200421)
Security Fixes : - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) - OpenJDK: Application data accepted before TLS handshake completion (JSSE, 8235691) (CVE-2020-2816) - OpenJDK...
Scientific Linux Security Update : java-1.7.0-openjdk on SL7.x x86_64 (20200421)
Security Fixes : - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415...
Important: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...
OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...
PMB 5.6 SQL Injection
Exploit Title: PMB 5.6 - 'logid' SQL Injection Google Dork: inurl:opaccss Date: 2020-04-20 Exploit Author: 41-trk Tarik Bakir Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files Affected versions : = 5.6 -==== Software Description ====- PMB is a...
PMB 5.6 - 'logid' SQL Injection
Exploit Title: PMB 5.6 - 'logid' SQL Injection Google Dork: inurl:opaccss Date: 2020-04-20 Exploit Author: 41-trk Tarik Bakir Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files Affected versions : = 5.6 -==== Software Description ====- PMB is a...
PMB 5.6 - (logid) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: PMB 5.6 - 'logid' SQL Injection Google Dork: inurl:opaccss Exploit Author: 41-trk Tarik Bakir Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files Affected versions : = 5.6 -====...
RHEL 7 : java-1.8.0-openjdk (RHSA-2020:1512)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1512 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
RHEL 6 : java-1.7.0-openjdk (RHSA-2020:1508)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1508 advisory. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security...
RHEL 7 : java-1.7.0-openjdk (RHSA-2020:1507)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1507 advisory. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security...
Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server which is shipped with IBM Security Access Manager for Enterprise Single Sign-On
Summary There are multiple vulnerabilities in the IBM HTTP Server used by IBM WebSphere Application Server. IBM WebSphere Application Server is shipped with IBM Security Access Manager for Enterprise Single Sign-On. Information about a security vulnerability affecting IBM WebSphere Application...
Security Bulletin: Multiple vulnerabilities in Apache HTTP Server affect Rational Build Forge (CVE-2018-1283, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2017-15710, CVE-2017-15715, CVE-2018-1301)
Summary There are multiple vulnerabilities in Apache HTTP Server affecting IBM Rational Build Forge. Vulnerability Details CVEID: CVE-2018-1283 DESCRIPTION: Apache HTTPD could allow a remote attacker to bypass security restrictions, caused by an error when mod_session is configured with SessionEnv...
Security Bulletin: Multiple vulnerabilities in IBM HTTP Server affect Rational Build Forge (CVE-2017-15710, CVE-2017-15715, CVE-2018-1301)
Summary There are multiple vulnerabilities in the IBM® HTTP Server used by the Web Application Server, where the IBM Rational Build Forge is hosted. These vulnerabilities affect the Rational Build Forge resulting in denial-of-service allowing a remote attacker to exploit the vulnerability...
Security Bulletin: A Security vulnerability has been identified in Apache HTTP Server used by Rational Build Forge. (CVE-2017-9798)
Summary Apache HTTP Server has security vulnerability caused due to error in the HTTP Option method. Respective security vulnerability is discussed in detail in the subsequent section. Vulnerability Details CVEID: CVE-2017-9798 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obta...
EulerOS 2.0 SP8 : httpd (EulerOS-SA-2020-1505)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1505)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2020-1927, CVE-2020-1934)
Summary IBM HTTP Server (IHS) is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...
EulerOS Virtualization 3.0.2.2 : python (EulerOS-SA-2020-1472)
According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a...