45 matches found
RHCOS 1 : activemq (RHSA-2014:0254)
The remote Red Hat Enterprise Linux CoreOS 1 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0254 advisory. - HawtJNI: predictable temporary file name leading to local arbitrary code execution CVE-2013-2035 - Framework: XML External Entity...
RHCOS 2 : activemq (RHSA-2014:0245)
The remote Red Hat Enterprise Linux CoreOS 2 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0245 advisory. - HawtJNI: predictable temporary file name leading to local arbitrary code execution CVE-2013-2035 - Framework: XML External Entity...
EUVD-2022-2345
Malicious code in bioql PyPI...
Fedora: Security Advisory for hawtjni (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: hawtjni-1.18-12.fc40
HawtJNI is a code generator that produces the JNI code needed to implement java native methods. It is based on the jnigen code generator that is part of the SWT Tools project which is used to generate all the JNI code which powers the eclipse platform...
com.github.huangtianhua:leveldbjni (>=1.8 <=1.9), com.github.huangtianhua:leveldbjni-all (>=1.8 <=1.9) +186 more potentially affected by CVE-2013-2035 via org.fusesource.hawtjni:hawtjni-runtime (>=1.1 <=1.7)
org.fusesource.hawtjni:hawtjni-runtime MAVEN version =1.1, =1.8, =1.8, =1.8, =1.0.0, =1.18.1, =0.10.0, =0.10.0, =0.10.0, =0.10.0, =0.10.0, =4.2.3, =4.2.3, =5.0.1, =6.17.0 and more Source cves: CVE-2013-2035 Source advisory: OSV:GHSA-49J7-QGHP-5WJ8...
GHSA-49J7-QGHP-5WJ8 Improper Control of Generation of Code in HawtJNI
Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp...
Improper Control of Generation of Code in HawtJNI
Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp...
Mageia: Security Advisory (MGASA-2014-0461)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Code Execution Using A Race Condition
Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp...
RHEL 6 : activemq (RHSA-2014:0254)
An updated activemq package that fixes multiple security issues is now available for Red Hat OpenShift Enterprise 1.2.7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
RHEL 6 : activemq (RHSA-2014:0245)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0245 advisory. Apache ActiveMQ provides a SOA infrastructure to connect processes across heterogeneous systems. A flaw was found in Apache Camel's parsing ...
Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.0.0 security update
Red Hat JBoss Data Virtualization 6.0.0 roll up patch 4, which fixes three security issues and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...
Important: Red Hat Security Advisory: Red Hat JBoss Fuse Service Works 6.0.0 security update
Red Hat JBoss Fuse Service Works 6.0.0 roll up patch 3, which fixes multiple security issues and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base score...
HawtJNI: predictable temporary file name leading to local arbitrary code execution
The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...
HawtJNI: predictable temporary file name leading to local arbitrary code execution
The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...
Important: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.3.0 update
Red Hat JBoss Operations Network 3.2.3, which fixes multiple security issues and several bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Updated hawtjni packages fix security vulnerability
The HawtJNI Library class wrote native libraries to a predictable file name in /tmp/ when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJ...
MGASA-2014-0461 Updated hawtjni packages fix security vulnerability
The HawtJNI Library class wrote native libraries to a predictable file name in /tmp/ when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJ...
Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.0.3 update
Red Hat JBoss BRMS 6.0.3, which fixes multiple security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores,...