java security update
CentOS Errata and Security Advisory CESA-2019:0775. An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detail...
Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20190417)
Security Fixes: - OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) - OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) - OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453...
RHEL 7 : java-1.8.0-openjdk (RHSA-2019:0775)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0775 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20190417)
Security Fixes: - OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) - OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) - OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453...
Important: Red Hat Security Advisory: java-1.8.0-openjdk security update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022)
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...
Important: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Adobe Acrobat Reader DC text field value remote code execution vulnerability — redux
Summary: A specific JavaScript code embedded in a PDF file can lead to a heap corruption when opening a PDF document in Adobe Acrobat Reader DC 2019.8.20071. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need t...
Cross site scripting
In MISP before 2.4.105, the app/View/Layouts/default.ctp default layout template has a Reflected XSS vulnerability...
CVE-2019-10254
In MISP before 2.4.105, the app/View/Layouts/default.ctp default layout template has a Reflected XSS vulnerability...
Apple iOS, tvOS and macOS Mojave Kernel Out-of-Bounds Read Vulnerability
Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple macOS Mojave is a specialized operating system developed for Mac computers. Kernel is a kernel component. An out-of-bounds read vulnerability exists in the Kernel component in Apple...
macOS 10.13.6 Multiple Vulnerabilities (Security Update 2019-002)
The remote host is running macOS 10.13.6 and is missing a security update. It is, therefore, affected by multiple vulnerabilities including: - An application may be able to execute arbitrary code with kernel privileges. (CVE-2019-8529) - A local user may be able to read kernel memory. (CVE-2019-8504) ...
CVE-2019-10105
CMS Made Simple 2.2.10 has a Self-XSS vulnerability via the Layout Design Manager "Name" field, which is reachable via a "Create a new Template" action to the Design Manager...
Cross site scripting
CMS Made Simple 2.2.10 has a Self-XSS vulnerability via the Layout Design Manager "Name" field, which is reachable via a "Create a new Template" action to the Design Manager...
CVE-2019-10105
CMS Made Simple 2.2.10 contains a Self-XSS vulnerability in the Layout Design Manager, triggered by the “Name” field during the “Create a new Template” action. The issue is documented across multiple sources (NVD CVE-2019-10105, Red Hat advisory, CNVD, PRION, etc.) with consistent language that t...
CVE-2019-3851
A vulnerability was found in Moodle before versions 3.6.3 and 3.5.5. There was a link to site home within the Boost theme's secure layout, meaning students could navigate out of the page...