170 matches found

Circl
added 2025/01/21 9:1 p.m., 9 views

CVE-2025-21556

creationtimestamp | type | source
---|---|---
2025-01-21 21:01:09+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/2480
2025-01-21 21:19:08+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbrqqrfuh2t
2025-01-21 21:48:58+00:00 | seen | ...

CVSS 9.9 | AI score 7.5 | EPSS 0.00617
Exploits: 0 | References: 12
Tenable Nessus
added 2024/11/04 12:0 a.m., 23 views

RHEL 6 / 7 : rh-mariadb100-mariadb (RHSA-2016:2927)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:2927 advisory. MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The...

CVSS 10 | AI score 8.2 | EPSS 0.6773
Exploits: 20 | References: 25
Tenable Nessus
added 2024/11/04 12:0 a.m., 15 views

RHEL 6 / 7 : rh-mysql56-mysql (RHSA-2016:1601)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1601 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The...

CVSS 8.1 | AI score 6.8 | EPSS 0.05874
Exploits: 0 | References: 29
Broadcom
added 2024/11/02 12:0 a.m., 8 views

Oracle Critical Patch Update Advisory - January 2024 (CVE-2024-20952, CVE-2024-20945, CVE-2024-20926, CVE-2024-20921, CVE-2024-20919, CVE-2024-20918)

Brocade SANnav has provided a Security update for the JAVA vulnerabilities below. CVE-2024-20952 CVE-2024-20945 CVE-2024-20926 CVE-2024-20921 CVE-2024-20919 CVE-2024-20918...

CVSS 7.4 | AI score 7.1 | EPSS 0.01026
Exploits: 0
Elastic
added 2022/08/24 3:7 p.m., 7 views

Elastic Stack 8.4.0, 7.17.6 Security Statement

Elastic Statement for Oracle July Critical Patch Update CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-25647, CVE-2022-34169 Summary : Oracle released their July Critical Patch Update for Java SE which contains 5 CVEs. Elastic has analyzed the flaws described by these CVEs and the...

CVSS 7.7 | AI score 8.4 | EPSS 0.17673
Exploits: 2
Github Security Blog
added 2022/05/13 1:14 a.m., 41 views

Apache Tomcat Improper Access Control vulnerability

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency...

CVSS 9.8 | AI score 7.8 | EPSS 0.90338
Exploits: 1 | References: 60 | Affected Software: 2
IBM Security Bulletins
added 2021/12/03 1:17 p.m., 33 views

Security Bulletin: CVE-2021-2161 may affect IBM® SDK, Java™ Technology Edition used by IBM Data Studio Client

Summary CVE-2021-2161 was disclosed in the Oracle April 2021 Patch Update. Vulnerability Details CVEID: CVE-2021-2161 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity...

CVSS 5.9 | AI score 5.3 | EPSS 0.03125
Exploits: 0 | Affected Software: 1
Gitee
added 2020/07/22 4:49 p.m., 3 views

Exploit for Deserialization of Untrusted Data in Oracle Access_Manager

CVE-2020-2555 is a remote code execution (RCE) vulnerability in Oracle WebLogic Server. It is caused by a deserialization bug in the com.tangosol.util.extractor.ReflectionExtractor class. The vulnerability allows an attacker to execute arbitrary code on the server by sending a specially crafted...

CVSS 9.8 | AI score 9.8 | EPSS 0.97116
Exploits: 26
NVD
added 2017/04/06 9:59 p.m., 25 views

CVE-2016-8735

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency...

CVSS 9.8 | AI score 7.9 | EPSS 0.90338
Exploits: 1 | References: 37
Prion
added 2017/04/06 9:59 p.m., 47 views

Remote code execution

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency...

CVSS 7.5 | AI score 9.4 | EPSS 0.92334
Exploits: 1 | References: 36 | Affected Software: 1
OSV
added 2017/04/06 9:59 p.m., 36 views

CVE-2016-8735

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency...

CVSS 9.8 | AI score 7.4 | EPSS 0.90338
Exploits: 1 | References: 37
Debian CVE
added 2017/04/06 9:0 p.m., 58 views

CVE-2016-8735

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency...

CVSS 9.8 | AI score 8.1 | EPSS 0.90338
Exploits: 1
ATTACKERKB
added 2017/04/06 12:0 a.m., 54 views

CVE-2016-8735

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn’t updated for consistency...

CVSS 10 | AI score 9.8 | EPSS 0.92334
In wild | Exploits: 1 | References: 52
UbuntuCve
added 2016/11/24 12:0 a.m., 61 views

CVE-2016-8735

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency...

CVSS 9.8 | AI score 7.5 | EPSS 0.90338
Exploits: 1 | References: 6
ThreatPost
added 2015/10/22 9:6 a.m., 11 views

Google App Engine for Java Security Vulnerabilities

A tweak carried out by Google in the Google App Engine for Java continues to stir up security concerns. Oracle this week patched the latest vulnerability in Java SE (the flaw also lives in Google’s platform-as-a-service entry) after it was privately disclosed by Java bug-hunters from Security...

AI score 0.3
Exploits: 0 | References: 8
ThreatPost
added 2015/08/28 1:46 p.m., 10 views

Fake EFF Site Used in Spear Phishing Campaign

Attackers, possibly associated with the Russian government, registered a phony Electronic Frontier Foundation domain earlier this month in an attempt to dupe users into thinking correspondence from the site was coming from the well-known privacy watchdog. The scheme, largely carried out via spear...

AI score 0.3
Exploits: 0 | References: 3
seebug.org
added 2014/07/01 12:0 a.m., 22 views

Sun Java Runtime New Plugin docbase Buffer Overflow

No description provided by source. $Id: javadocbasebof.rb 11513 2011-01-08 00:25:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

AI score 7.1
Exploits: 0
The Hacker News
added 2014/02/24 11:20 p.m., 53 views

Caphaw Banking Malware Distributed via YouTube Ads

More than one billion unique visitors spend about 6 billion hours on YouTube to watch videos, according to monthly YouTube Stats. Security researchers from Bromium Labs recently found that the YouTube advertising network has been abused by rogue advertisers to distribute malware. YouTube In-Stream...

CVSS 9.3 | AI score 9 | EPSS 0.7004
Exploits: 9
Oracle linux
added 2014/01/14 12:0 a.m., 56 views

java-1.7.0-openjdk security update

1.7.0.51-2.4.4.1.0.1.el510 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.51-2.4.4.1.el5 - updated to security icedtea 2.4.4 - icedteaversion set to 2.4.4 - updatever bumped to 51 - release reset to 1 - build requires: java-devel = 1:1.6.0 changed java7-devel - Resolve...

CVSS 10 | AI score 1.5 | EPSS 0.08383
Exploits: 1
ThreatPost
added 2013/05/06 2:43 p.m., 9 views

Security Explorations Finds Seven New Flaws in IBM SDK

Security researcher Adam Gowdiak and his team at Security Explorations have discovered another batch of issues that stem from the way Java is implemented in certain versions of software, in this case, IBM’s SDK. Gowdiak wrote Monday on the Full Disclosure mailing list about the issues, seven in...

AI score 1.7
Exploits: 0 | References: 6