4214 matches found
DEBIAN-CVE-2023-21830
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows...
CVE-2023-21830
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows...
UBUNTU-CVE-2023-21830
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows...
Buffer overflow
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows...
CVE-2023-21830
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms (CVE-2018-2633, CVE-2018-2603, CVE-2018-2657)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.0 to 4.1.0.3. These issues were disclosed as part of the IBM Java SDK updates in Jan 2018. There are multiple vulnerabilities in IBM® SDK Java™...
PT-2023-4769
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u351, 8u351-perf Oracle GraalVM Enterprise Edition versions 20.3.8, 21.3.4 Description The issue is related to the Serialization component in Oracle Java SE and Oracle GraalVM Enterprise Edition, allowing an...
[SECURITY] [DSA 5315-1] libxstream-java security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5315-1 [email protected] https://www.debian.org/security/ Markus Koschany January 11, 2023 https://www.debian.org/security/faq -...
Description of the security update for Microsoft Exchange Server 2019: January 10, 2023 (KB5022193)
Description of the security update for Microsoft Exchange Server 2019: January 10, 2023 KB5022193 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE CVE-2023-21745...
Security Bulletin: Vulnerabilities in FasterXML affects IBM Common Licensing's Administration And Reporting Tool (ART) and its Agent (217968, CVE-2020-36518)
Summary Security Vulnerablities have been addressed in IBM Common Licensing. Faster-XML Jackson is a JSON to Java object conversion API 217968, CVE-2020-36518. A fix is available to address the vulnerability. Vulnerability Details CVEID:CVE-2020-36518 DESCRIPTION: FasterXML jackson-databind is...
USN-5784-1 usbredir vulnerability
It was discovered that usbredir incorrectly handled memory when serializing large amounts of data in the case of a slow or blocked destination. An attacker could possibly use this issue to cause applications using usbredir to crash, resulting in a denial of service, or possibly execute arbitrary...
USN-5784-1: usbredir vulnerability
It was discovered that usbredir incorrectly handled memory when serializing large amounts of data in the case of a slow or blocked destination. An attacker could possibly use this issue to cause applications using usbredir to crash, resulting in a denial of service, or possibly execute arbitrary...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : usbredir vulnerability (USN-5784-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5784-1 advisory. It was discovered that usbredir incorrectly handled memory when serializing large amounts of data in the case of a slow or blocked...
EUVD-2022-7656
XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation the processed input stream. The attack uses the hash code implementation for...
CVE-2022-41596
The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components...
CVE-2022-41596
The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components...
CVE-2022-41596
The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components...
CVE-2022-41596
The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components...
CVE-2022-41596
CVE-2022-41596 affects Huawei HarmonyOS (System Tools) with a serialization/deserialization inconsistency in the System Tools class. The vulnerability enables unauthorized startup of components due to improper handling of serialized data, as described across multiple sources. Public details in th...
[SECURITY] Fedora 37 Update: protobuf-3.19.6-1.fc37
Protocol Buffers are a way of encoding structured data in an efficient yet extensible format. Google uses Protocol Buffers for almost all of its internal RPC protocols and file formats. Protocol buffers are a flexible, efficient, automated mechanism for serializing structured data...