OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

RHEL 7 : java-1.8.0-ibm (RHSA-2022:0968)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0968 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

RHEL 7 : java-1.7.1-ibm (RHSA-2022:0969)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0969 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

RHEL 8 : java-1.8.0-ibm (RHSA-2022:0970)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0970 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

openSUSE 15 Security Update : java-11-openjdk (openSUSE-SU-2022:0816-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0816-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported...

Security Bulletin: Multiple vulnerabilities in IBM® Java™ Runtime may affect IBM Decision Optimization Center (CVE-2022-21360, CVE-2022-21365)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-21365 DESCRIPTION: An unspecified vulnerability in Java S...

Security Bulletin: Multiple vulnerabilities in IBM® Java™ may affect IBM ILOG CPLEX Optimization Studio (CVE-2022-21360, CVE-2022-21365)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM CPLEX Optimization Studio. IBM CPLEX Optimization Studio has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-21365 DESCRIPTION: An unspecified vulnerability in Java SE...

openSUSE 15 Security Update : java-1_8_0-openj9 (openSUSE-SU-2022:0870-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0870-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported...

Multiple Apple Products Out-of-Bounds Reading Vulnerability (CNVD-2022-23002)

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system for mobile devices, Apple iPadOS is an operating system for iPad tablets, Apple watchOS is an operating system for smartwatches, and Apple tvOS is an operating system for smartphones. Apple tvOS is a smart TV...

SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2022:0816-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0816-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component:...

多款 Apple 产品缓冲区错误漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system for mobile devices, Apple iPadOS is an operating system for iPad tablets, Apple watchOS is an operating system for smartwatches, and Apple tvOS is an operating system for smartphones. Apple tvOS is a smart TV...

About the security content of tvOS 15.4

About the security content of tvOS 15.4 This document describes the security content of tvOS 15.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

AlmaLinux 8 : java-17-openjdk (ALSA-2022:0161)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:0161 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are...

AlmaLinux 8 : java-11-openjdk (ALSA-2022:0185)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:0185 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are...

About the security content of iTunes 12.12.3 for Windows

About the security content of iTunes 12.12.3 for Windows This document describes the security content of iTunes 12.12.3 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

KLA12486 Multiple vulnerabilities in Apple iTunes

Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A code execution vulnerability in ImageIO can be exploited via special crafted image to...