UBUNTU-CVE-2024-30171

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing...

ROS-20240507-03

A vulnerability in the FileBackedOutputStream feature of the Google Guava Java library suite is related to the use of files and directories accessible to external parties. Exploitation of the vulnerability could allow an attacker to Gain unauthorized access to protected information...

JFreeChart 安全漏洞

JFreeChart is a comprehensive free charting library for the Java platform from the individual developer David Gilbert. A security vulnerability exists in JFreeChart v1.5.4, which stems from an ArrayIndexOutOfBounds attack via the setSeriesNeedleint index, int type method...

JFreeChart 安全漏洞

JFreeChart is a comprehensive free charting library for the Java platform from the individual developer David Gilbert. A security vulnerability exists in JFreeChart v1.5.4, which stems from a null pointer exception contained in the component /chart/annotations/CategoryLineAnnotation...

Fedora: Security Advisory for jericho-html (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for objenesis (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for apache-commons-net (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for scannotation (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: trilead-ssh2-217.21-13.fc40

Trilead SSH-2 for Java is a library which implements the SSH-2 protocol in pu re Java tested on J2SE 1.4.2 and 5.0. It allows one to connect to SSH servers from within Java programs. It supports SSH sessions remote command execution and shell access, local and remote port forwarding, local stream...

[SECURITY] Fedora 40 Update: scannotation-1.0.3-0.33.r12.fc40

Scannotation is a Java library that creates an annotation database from a set of .class files.This database is really just a set of maps that in dex what annotations are used and what classes are using them. Why do you need th is? What if you are an annotation framework like an EJB 3.0 container...

[SECURITY] Fedora 40 Update: objenesis-3.3-9.fc40

Objenesis is a small Java library that serves one purpose: to instantiate a new object of a particular class. Java supports dynamic instantiation of classes using Class.newInstance; however, this only works if the class has an appropriate constructor. There are many times when a class cannot be...

[SECURITY] Fedora 40 Update: jsoup-1.17.2-2.fc40

jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern...

[SECURITY] Fedora 40 Update: jline2-2.14.6-12.fc40

JLine is a Java library for handling console input. It is similar in functionality to BSD editline and GNU readline. People familiar with the readline/editline capabilities for modern shells such as bash and tcsh will find most of the command editing features of JLine to be familiar...

[SECURITY] Fedora 40 Update: jericho-html-3.3-30.fc40

Jericho HTML Parser is a java library allowing analysis and manipulation of parts of an HTML document, including server-side tags, while reproducing verbatim any unrecognized or invalid HTML. It also provides high-level HTML form manipulation functions. It is an open source library released under...

[SECURITY] Fedora 40 Update: jansi1-1.18-21.fc40

Jansi is a small Java library that allows you to use ANSI escape sequences in your Java console applications. It implements ANSI support on platforms which don't support it like Windows and provides graceful degradation when output is sent to output devices which cannot support ANSI sequences...

[SECURITY] Fedora 40 Update: args4j-2.33-26.fc40

args4j is a small Java class library that makes it easy to parse command line options/arguments in your CUI application. - It makes the command line parsing very easy by using annotations - You can generate the usage screen very easily - You can generate HTML/XML that lists all options for your...

[SECURITY] Fedora 40 Update: apache-commons-net-3.10.0-5.fc40

This is an Internet protocol suite Java library originally developed by ORO, Inc. This version supports Finger, Whois, TFTP, Telnet, POP3, FTP, NNTP, SMTP, and some miscellaneous protocols like Time and Echo as well as BSD R command support. The purpose of the library is to provide fundamental...

[SECURITY] Fedora 40 Update: ant-1.10.14-10.fc40

Apache Ant is a Java library and command-line tool whose mission is to drive processes described in build files as targets and extension points dependent upon each other. The main known usage of Ant is the build of Java applications. Ant supplies a number of built-in tasks allowing to compile,...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

It is an offensive tool for web exploitation. The tool targets t...

GHSA-6QVW-249J-H44C jose4j denial of service via specifically crafted JWE

The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value...