112 matches found
org.apache.juddi.client.plugins:juddi-client-plugins (>=3.2.1 <=3.3.4), org.apache.juddi.client.plugins:juddi-ddl-generator (>=3.2.1 <=3.3.4) +28 more potentially affected by CVE-2018-1307 via org.apache.juddi:juddi-client (>=3.2.0 <=3.3.4)
org.apache.juddi:juddi-client MAVEN version =3.2.0, =3.2.1, =3.2.1, =3.2.1, =3.2.0, =3.2.0, =3.2.0, =3.2.0, =3.2.0, =3.2.0, =3.2.0, =3.3.0, =3.2.0, =3.3.10 and more Source cves: CVE-2018-1307 Source advisory: OSV:GHSA-P99P-726H-C8V5...
am.ik.home:uaa-client (>=1.3.0 <=1.8.1), am.ik.home:uaa-integration-test (>=1.3.0 <=1.8.1) +355 more potentially affected by CVE-2018-1259 via org.springframework.data:spring-data-commons (>=1.13.0.RELEASE <=1.13.11.RELEASE)
org.springframework.data:spring-data-commons MAVEN version =1.13.0.RELEASE, =1.3.0, =1.3.0, =1.3.0, =0.0.1, =0.2.0, =1.0.6, =1.0.0-RC1, =1.0.0-RC1, =6.2.0.6, =6.2.0.5, =6.2.0.4, =6.2.0.4, =6.2.0.5, =6.2.0.5-oss - com.att.ocnp.mgmt:grm-edge-service =1.1.18-oss and more Source cves: CVE-2018-1259...
Security Bulletin: Critical Security Vulnerability in RDS Client library affecting Rational Change (CVE-2014-3089)
Summary Clear text password in IBM Rational Directory Server RDS supplied Client library could allow potential hacker to gain access to RDS and access to unauthorized data used by consuming products such as Rational Change.
SUSE-SU-2018:0645-1 Security update for java-1_7_0-ibm
This update for java-1_7_0-ibm provides the following fixes: The version was updated to 7.0.10.20 bsc1082810: Following security issues were fixed: - CVE-2018-2633 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582 CVE-2018-2641 CVE-2018-2618 CVE-2018-2657 CVE-2018-2603 CVE-2018-2599 CVE-2018-2602...
SmartBear SoapUI 5.3.0 Remote Code Execution Via Deserialization
Title: SmartBear SoapUI - Remote Code Execution via Deserialization. Author: Jakub Palaczynski. Date: 12. July 2017. Exploit tested on: SoapUI 5.3.0. Also works on older versions. Vulnerability: Remote Code Execution via Deserialization: SoapUI by...
Apache Mina 2.0.13 - Remote Command Execution
Webapps exploit for Java platform. Abstract: Apache Mina 2.0.13 uses the OGNL library in the “IoSessionFinder” class. Its constructor takes one OGNL expression as a parameter. Then this expression is execut...
SA110 : Java Deserialization Vulnerabilities
SUMMARY Blue Coat products that deserialize unsafe Java objects from untrusted sources are susceptible to one or more vulnerabilities. A remote attacker can exploit these vulnerabilities to cause the target to execute arbitrary code. AFFECTED PRODUCTS Cloud Data Protection for Salesforce CDP-SFDC...
Unspecified Vulnerability in Oracle Java SE Libraries Component
Sun Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability in the Sun Java Runtime Environment and the Java SE Embedded and JRockit Libraries components could be exploited by remote attackers to access and...
OpenJDK: incorrect class loader permission check in ClassLoader getParent() (Libraries, 8055314)
An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
Unspecified Vulnerability in Oracle Java SE Libraries Subpart (CNVD-2015-00575)
Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE Libraries subcomponent that could be exploited by an unauthenticated attacker to conduct attacks over multiple...
Unspecified Vulnerability in Oracle Java SE Libraries Subpart (CNVD-2015-00574)
Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE Libraries subcomponent, which allows an attacker to build untrustworthy Java Web Start applications and untrustworth...
OpenJDK: invalid threads subject to interrupts (Libraries, 6776941)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information ...