9018 matches found
SUSE SLES12: java-1_8_0-ibm / java-1_8_0-ibm-alsa / java-1_8_0-ibm-devel / etc (SUSE-SU-2022:3152-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3152-1 advisory. Note: the issues listed below were NOT fixed with the previous update 8.0-7.11. - Update to Java 8.0 Service Refresh 7 Fix Pack 15...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.1.5)
The version of AOS installed on the remote host is prior to 6.5.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.1.5 advisory. - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authenticati...
Amazon Linux 2022 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2022-2022-112)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-112 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an...
Amazon Linux 2022 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2022-2022-120)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-120 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an...
Amazon Linux 2022 : java-11-openjdk, java-11-openjdk-demo, java-11-openjdk-devel (ALAS2022-2022-047)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-047 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311,...
Amazon Linux 2022 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2022-2022-113)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-113 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an...
Amazon Linux 2022 : java-latest-openjdk, java-latest-openjdk-demo, java-latest-openjdk-devel (ALAS2022-2022-037)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-037 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311,...
Amazon Linux 2022 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2022-2022-111)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-111 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an...
Amazon Linux 2022 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2022-2022-121)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-121 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an...
Amazon Linux 2022 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2022-2022-119)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-119 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.11.3)
The version of AOS installed on the remote host is prior to 5.11.3. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.11.3 advisory. - A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.20.4)
The version of AOS installed on the remote host is prior to 5.20.4. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.20.4 advisory. - In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames. CVE-2022-25315 - CVE-2020-9493 identified ...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.15.3)
The version of AOS installed on the remote host is prior to 5.15.3. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.15.3 advisory. - An issue was found in Linux kernel before 5.5.4. The mwifiexcmdappendvsietlv function in...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.17.1.5)
The version of AOS installed on the remote host is prior to 5.17.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.17.1.5 advisory. - An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocatetracebuff...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.10.10)
The version of AOS installed on the remote host is prior to 5.10.10. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.10.10 advisory. - In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and sessi...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.18.1)
The version of AOS installed on the remote host is prior to 5.18.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.18.1 advisory. - An issue was found in Linux kernel before 5.5.4. The mwifiexcmdappendvsietlv function in...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.20.4.5)
The version of AOS installed on the remote host is prior to 5.20.4.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.20.4.5 advisory. - If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache...
SUSE SLES15: java-1_8_0-ibm / java-1_8_0-ibm-32bit / java-1_8_0-ibm-alsa / etc (SUSE-SU-2022:2949-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2949-1 advisory. - Updated to Java 8.0 Service Refresh 7 Fix Pack 11 bsc1202427: - CVE-2022-34169: Fixed an integer truncation issue i...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.0.2.6)
The version of AOS installed on the remote host is prior to 6.0.2.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.0.2.6 advisory. - CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.1.1)
The version of AOS installed on the remote host is prior to 6.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.1.1 advisory. - JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j...