1249 matches found
CVE-2021-35586
CVE-2021-35586 is a vulnerability in Oracle Java SE (Java SE component: ImageIO) and Oracle GraalVM Enterprise Edition (affected versions: Java SE 7u311, 8u301, 11.0.12, 17; GraalVM EE: 20.3.3, 21.2.0) that enables an unauthenticated attacker with network access via multiple protocols to cause a ...
CVE-2021-35586
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
Oracle Java SE and Oracle GraalVM Enterprise Edition Denial of Service Vulnerability
Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM Enterprise Edition is an Oracle-based multilingual virtual machine for enterprise Java SE. A denial of servic...
Scientific Linux Security Update : java-11-openjdk on SL7.x i686/x86_64 (2021:3892)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2021:3892-1 advisory. - OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 - OpenJDK: Incorrect principal selection when usin...
Oracle Java SE 输入验证错误漏洞
Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM Enterprise Edition is an Oracle-based multilingual virtual machine for enterprise Java SE. A denial of servic...
PT-2021-7895
Name of the Vulnerable Software and Affected Versions Java SE versions 7u311, 8u301, 11.0.12, 17 Oracle GraalVM Enterprise Edition versions 20.3.3 and 21.2.0 Description The issue is related to the ImageIO component and allows an unauthenticated attacker with network access via multiple protocols...
Apple iTunes 缓冲区错误漏洞
Apple iTunes is a suite of media player applications from Apple, Inc. that are used to play and manage digital music and video files. A buffer error vulnerability exists in Apple iTunes versions prior to 12.12, which arises from a boundary error when processing images within ImageIO. An attacker...
About the security content of iTunes 12.12 for Windows
About the security content of iTunes 12.12 for Windows This document describes the security content of iTunes 12.12 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...
KLA12293 Multiple vulnerabilities in Apple iTunes
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A code execution vulnerability in ImageIO can be exploited via special crafted image to...
About the security content of tvOS 15
About the security content of tvOS 15 This document describes the security content of tvOS 15. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...
About the security content of watchOS 8
About the security content of watchOS 8 This document describes the security content of watchOS 8. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
Oracle Java SE Security Updates - 05 - (cpujul2020) - Windows
Oracle Java SE is prone to multiple security vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
About the security content of iCloud for Windows 12.5
About the security content of iCloud for Windows 12.5 This document describes the security content of iCloud for Windows 12.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
KLA12263 Multiple vulnerabilities in Apple iCloud
Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A code execution vulenrability in ImageIO can be exploited via special crafted image to execute arbitrary code. 2. A...
About the security content of iTunes 12.11.4 for Windows
About the security content of iTunes 12.11.4 for Windows This document describes the security content of iTunes 12.11.4 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...
KLA12251 Multiple vulnerabilities in Apple iTunes
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A code execution vulenrability in ImageIO can be exploited via special crafted image to execute arbitrary code. 2. A...
Apple macOS ImageIO WEBP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...
Apple macOS ImageIO WEBP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...
(0Day) Apple macOS ImageIO WEBP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...
(0Day) Apple macOS ImageIO TIFF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ImageIO framework...