421 matches found
OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
Ubuntu 16.04 LTS : OpenJDK 8 vulnerabilities (USN-3473-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3473-1 advisory. It was discovered that the Smart Card IO subsystem in OpenJDK did not properly maintain state. An attacker could use this to specially construct an...
USN-3473-1: OpenJDK 8 vulnerabilities
It was discovered that the Smart Card IO subsystem in OpenJDK did not properly maintain state. An attacker could use this to specially construct an untrusted Java application or applet to gain access to a smart card, bypassing sandbox restrictions. CVE-2017-10274 Gaston Traberg discovered that th...
PT-2019-4182 · Apache +7 · Commons-Dbcp +7
Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions 2.0.0 through 2.9.10 Description: A Polymorphic Typing issue exists in the jackson-databind library. When Default Typing is enabled for an externally exposed JSON endpoint and the service has the commons-db...
The vulnerability of ZTE NR8000 series radio relay system micro-programming software relates to the deserialization process of Java objects, allowing an attacker to execute arbitrary code.
The vulnerability of ZTE NR8000 series radio relay system microprogramming software is related to the process of deserializing Java objects when processing requests via the Java RMI Remote Method Invocation service, using the Apache Commons Collections ACC library. Exploiting this vulnerability...
OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
Unspecified Vulnerability in Oracle Java SE and Java SE Embedded (CNVD-2017-33939)
Java SE is short for Java Platform Standard Edition, for the development and deployment of desktop, server, and embedded devices and real-time environment of Java applications. Java SE Embedded is based on Java SE, and provides specific features and support for embedded systems. A security...
CVE-2017-10932
All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections ACC library that may result in Ja...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
OpenJDK: insufficient access control checks in ActivationID (RMI, 8173697)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
CVE-2017-10102
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
OpenJDK: incorrect handling of references in DGC (RMI, 8163958)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...
Hitachi Device Manager Arbitrary Command Execution Vulnerability
Hitachi Device Manager is a suite of mobile device management software from Hitachi, Japan. The software manages multiple Hitachi storage systems from a single console and provides logical view capabilities to harmonize storage assets with business applications. An arbitrary command execution...