UCS@school Security Breach

UCS@school is a comprehensive solution that provides access to school infrastructure and applications as well as a complete toolset for operating them. A security vulnerability exists in versions prior to UCS@school 4.4v5-errata, which stems from an incorrect LDAP ACL in ucs-school-ldap-acls-mast...

SUSE CVE-2017-14623

In the ldap.v2 aka go-ldap package through 2.5.0 for Go, an attacker may be able to login with an empty password. This issue affects an application using this package if these conditions are met: 1 it relies only on the return error of the Bind function call to determine whether a user is...

Unspecified Vulnerability in Oracle Java SE, Java SE Embedded and Jrockit (CNVD-2018-02244)

Oracle Java SE, Java SE Embedded, and JRockit are products of Oracle Corporation. Java SE Java Platform Standard Edition is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments; Java SE Embedded is a Java platform for developing...

Oracle GlassFish Server Remote Security Vulnerability (CNVD-2017-00928)

Oracle GlassFish Server is the United States Oracle Oracle company's set of Java Platform, Java EE 6 specification can be realized solution. The program provides flexible, lightweight and ready to use for the development of applications Java EE 6 application server. A remote security vulnerabilit...