
4166 matches found

OSV
added 2018/01/12 9:29 a.m. | 1 view

DEBIAN-CVE-2018-5344

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact...

7.8 CVSS | 7.7 AI score | 0.00064 EPSS
Exploits: 0 | References: 1
NVD
added 2018/01/12 9:29 a.m. | 14 views

CVE-2018-5344

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact...

7.8 CVSS | 6.3 AI score | 0.00064 EPSS
Exploits: 0 | References: 14
Debian CVE
added 2018/01/12 9:0 a.m. | 28 views

CVE-2018-5344

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact...

7.8 CVSS | 7.8 AI score | 0.00064 EPSS
Exploits: 0
Cvelist
added 2018/01/12 9:0 a.m. | 23 views

CVE-2018-5344

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact...

6.5 AI score | 0.00064 EPSS
Exploits: 0 | References: 14
UbuntuCve
added 2018/01/12 12:0 a.m. | 21 views

CVE-2018-5344

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact...

7.8 CVSS | 6.8 AI score | 0.00064 EPSS
Exploits: 0 | References: 11
Tenable Nessus
added 2018/01/10 12:0 a.m. | 54 views

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2018-14)

This update for java-1_7_0-openjdk fixes the following issues: Security issues fixed: - CVE-2017-10356: Fix issue inside subcomponent Security (bsc#1064084). - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO (bsc#1064071). - CVE-2017-10281: Fix issue inside subcomponent Serialization...

9.8 CVSS | 7.6 AI score | 0.19177 EPSS
Exploits: 2 | References: 88
OPENSUSE Linux
added 2018/01/09 12:8 p.m. | 291 views

Security update for java-1_7_0-openjdk (important)

This update for java-1_7_0-openjdk fixes the following issues: Security issues fixed: - CVE-2017-10356: Fix issue inside subcomponent Security (bsc#1064084). - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO (bsc#1064071). - CVE-2017-10281: Fix issue inside subcomponent Serialization...

7.5 CVSS | 8 AI score | 0.19177 EPSS
Exploits: 2 | References: 42
Tenable Nessus
added 2018/01/04 12:0 a.m. | 37 views

SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2018:0005-1)

This update for java-1_7_0-openjdk fixes the following issues: Security issues fixed: - CVE-2017-10356: Fix issue inside subcomponent Security (bsc#1064084). - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO (bsc#1064071). - CVE-2017-10281: Fix issue inside subcomponent Serialization...

9.8 CVSS | 7.6 AI score | 0.19177 EPSS
Exploits: 2 | References: 135
Imperva Blog
added 2017/12/28 5:20 p.m. | 1397 views

The State of Web Application Vulnerabilities in 2017

As a web application firewall provider, part of our job at Imperva is constantly monitoring new security vulnerabilities. To do this, we use internal software that collects information from various data sources such as vulnerability databases, newsletters, forums, social media and more, integrate...

10 CVSS | 10 AI score | 0.94322 EPSS
Exploits: 66
Tenable Nessus
added 2017/12/28 12:0 a.m. | 46 views

SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2017:3440-1)

This update for java-1_7_1-ibm fixes the following issues: - CVE-2017-10349: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144;...

9.8 CVSS | 6.6 AI score | 0.19177 EPSS
Exploits: 2 | References: 34
Tenable Nessus
added 2017/12/26 12:0 a.m. | 45 views

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2017-936)

It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. CVE-2017-10198 Vulnerabilit...

9.6 CVSS | 6.6 AI score | 0.06365 EPSS
Exploits: 2 | References: 17
Mageia
added 2017/12/21 6:18 p.m. | 66 views

Updated java-1.8.0-openjdk packages fix security vulnerabilities

Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2017-10285, CVE-2017-10346 It was discovered that the Kerberos client implementation in the Libraries...

9.6 CVSS | 1 AI score | 0.06365 EPSS
Exploits: 2 | References: 3
Amazon
added 2017/12/20 12:0 a.m. | 85 views

Critical: java-1.7.0-openjdk

Issue Overview: It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms...

9.6 CVSS | 8.1 AI score | 0.06365 EPSS
Exploits: 2
Tenable Nessus
added 2017/12/18 12:0 a.m. | 42 views

EulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2017-1330)

According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these...

9.6 CVSS | 6.8 AI score | 0.06365 EPSS
Exploits: 2 | References: 14
Tenable Nessus
added 2017/12/18 12:0 a.m. | 44 views

EulerOS 2.0 SP2 : java-1.7.0-openjdk (EulerOS-SA-2017-1331)

According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these...

9.6 CVSS | 6.8 AI score | 0.06365 EPSS
Exploits: 2 | References: 14
RedHat Linux
added 2017/12/13 4:48 p.m. | 2 views

OpenJDK: multiple unbounded memory allocations in deserialization (Serialization, 8174109)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacke...

5.3 CVSS | 7.3 AI score | 0.00602 EPSS
Exploits: 0 | References: 4
CakePHP
added 2017/12/08 12:0 a.m. | 23 views

Potential for Information Disclosure in Application Skeleton

The default application skeleton contained a beforeRender method on the AppController that could potentially lead to unwanted information disclosure in your application. The unsafe default code was present between 3.1.0 and 3.5.0 of the...

6.7 AI score
Exploits: 0
Veracode
added 2017/12/07 10:31 p.m. | 10 views

Denial Of Service (DoS)

pyasn1 is vulnerable to denial of service (DoS) attacks. These attacks are possible because the library's finite length decoders could process indefinite length input for serialization. This is due to it not checking that the input is less than the maxChunkSize...

6.4 AI score
Exploits: 0
OSV
added 2017/12/07 2:32 p.m. | 22 views

SUSE-SU-2017:3237-1 Security update for php7

This update for php7 fixes the following issues: Security issues fixed: - CVE-2017-16642: Fix timelib_meridian error that could be used to leak information from the interpreter (bsc#1067441). - CVE-2017-9229: Fix invalid pointer dereference in left_adjust_char_head (bsc#1069631). - CVE-2017-9228: Fix heap...

9.8 CVSS | 8.5 AI score | 0.08257 EPSS
Exploits: 4 | References: 8
RedhatCVE
added 2017/12/07 10:22 a.m. | 24 views

CVE-2017-15415

Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page...

6.5 CVSS | 3.1 AI score | 0.00692 EPSS
Exploits: 0 | References: 2