344 matches found
CVE-2018-6667 McAfee Web Gateway - Authentication Bypass vulnerability
Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remote attackers to execute arbitrary code via Java management extensions JMX...
OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
McAfee Web Gateway Authentication Bypass Vulnerability
McAfee Web Gateway MWG is a security gateway product from McAfee USA. The product provides threat protection, application control, and data loss prevention. An authentication bypass vulnerability exists in the management user interface in McAfee MWG. A remote attacker could exploit this...
CVE-2018-5488
NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 through 2.12.X000.0002 and SANtricity Storage Manager 11.30.0X00.0004 through 11.42.0X00.0001 ship with the Java Management Extension Remote Method Invocation JMX RMI service bound to the network, and are susceptible to unauthenticated...
CVE-2018-5488
NetApp SANtricity Web Services Proxy and SANtricity Storage Manager are affected by an unauthenticated remote code execution due to JMX RMI being bound to the network. Affected products: NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 through 2.12.X000.0002 and SANtricity Storage Man...
OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2018-5487
NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation JMX RMI service bound to the network, and are susceptible to unauthenticated remote code execution...
Remote code execution
NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation JMX RMI service bound to the network, and are susceptible to unauthenticated remote code execution...
OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2018-2797
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
Unspecified Vulnerability in Oracle Java SE and JRockit (CNVD-2018-09071)
Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments. Java SE Embedded is based on Java SE and offers specific features and support for embedded systems. the JRockit family of...
Ubuntu 16.04 LTS : OpenJDK 8 vulnerabilities (USN-3613-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3613-1 advisory. It was discovered that a race condition existed in the cryptography implementation in OpenJDK. An attacker could possibly use this to expose sensitive...
USN-3613-1: OpenJDK 8 vulnerabilities
It was discovered that a race condition existed in the cryptography implementation in OpenJDK. An attacker could possibly use this to expose sensitive information. CVE-2018-2579 It was discovered that the Hotspot component of OpenJDK did not properly validate uses of the invokeinterface JVM...
OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)
It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions...
CVE-2018-7047
An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file system may be read and written to via JMX using the default JMX credentials remote code execution may be possible as well...
OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)
It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions...
OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)
It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions...