2248 matches found

Veracode
added 2019/05/02 4:58 a.m. | 31 views

Arbitrary Code Execution

IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...

10 CVSS | 7.6 AI score | 0.11906 EPSS
Exploits 1 | References 19 | Affected Software 3
Veracode
added 2019/05/02 4:45 a.m. | 29 views

Sandbox Restrictions Bypass

OpenJDK 7 Java Runtime Environment and Software Development Kit is susceptible to sandbox restriction bypass. Due to the flaws in ImagingLib and the image attribute, channel, layout and raster processing in the 2D component, it does not prevent an untrusted Java application or applet to trigger...

7.5 CVSS | 6 AI score | 0.70897 EPSS
Exploits 0 | References 26 | Affected Software 2
Veracode
added 2019/05/02 4:45 a.m. | 21 views

Sandbox Restrictions Bypass

OpenJDK 7 Java Runtime Environment and Software Development Kit is susceptible to sandbox restriction bypass. Due to the flaws in ImagingLib and the image attribute, channel, layout and raster processing in the 2D component, it does not prevent an untrusted Java application or applet to trigger...

5.8 CVSS | 8.8 AI score | 0.15378 EPSS
Exploits 0 | References 20 | Affected Software 1
Veracode
added 2019/05/02 4:44 a.m. | 33 views

Permission Check Bypass

OpenJDK 7 Java Runtime Environment and OpenJDK 7 Software Development Kit is vulnerable to permission check bypass. The attack is due to incorrect setter access check in MethodHandles.java, allowing an attacker to set value of a final field...

3.7 CVSS | 8.6 AI score | 0.93397 EPSS
Exploits 6 | References 19 | Affected Software 1
Veracode
added 2019/05/02 4:44 a.m. | 24 views

Sandbox Restrictions Bypass

OpenJDK 7 Java Runtime Environment and OpenJDK 7 Software Development Kit is vulnerable to sandbox restrictions bypass. It is due to improper method-invocation restrictions by the MethodUtil trampoline class allowing remote attackers to bypass the Java sandbox...

10 CVSS | 8.9 AI score | 0.15487 EPSS
Exploits 0 | References 31 | Affected Software 3
Veracode
added 2019/05/02 4:43 a.m. | 28 views

Information Disclosure

IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...

10 CVSS | 9.1 AI score | 0.29177 EPSS
Exploits 0 | References 21 | Affected Software 1
Veracode
added 2019/05/02 4:41 a.m. | 29 views

Information Disclosure

IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...

10 CVSS | 5.7 AI score | 0.757 EPSS
Exploits 13 | References 42 | Affected Software 1
Veracode
added 2019/05/02 4:41 a.m. | 31 views

Arbitrary Code Execution

IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...

10 CVSS | 5.7 AI score | 0.757 EPSS
Exploits 13 | References 25 | Affected Software 1
BDU FSTEC
added 2019/04/25 12:0 a.m. | 1 views

The vulnerability of the Outside In Filters sub-component of Oracle’s software development kit (SDK) allows a malicious actor to gain unauthorized access to protected information or cause partial service disruption.

The vulnerability of the Outside In Filters sub-component of the Oracle Outside In Technology SDK is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or cause a partial servic...

7.5 CVSS | 7.2 AI score | 0.00835 EPSS
Exploits 0 | References 2 | Affected Software 1
Tenable Nessus
added 2019/04/25 12:0 a.m. | 66 views

SUSE SLED12 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2019:1000-1)

This update for ntfs-3g_ntfsprogs fixes the following issues: Security issues fixed: CVE-2019-9755: Fixed a heap-based buffer overflow which could lead to local privilege escalation (bsc#1130165). Note that Tenable Network Security has extracted the preceding description block directly from the SUS...

7 CVSS | 6.6 AI score | 0.00104 EPSS
Exploits 0 | References 4
Prion
added 2019/04/23 7:32 p.m. | 15 views

Buffer overflow

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

6.4 CVSS | 5.8 AI score | 0.01227 EPSS
Exploits 0 | References 1 | Affected Software 1
Fedora
added 2019/04/22 5:11 a.m. | 13 views

[SECURITY] Fedora 29 Update: meson-0.50.0-4.fc29

Meson is a build system designed to optimize programmer productivity. It aims to do this by providing simple, out-of-the-box support for modern software development tools and practices, such as unit tests, coverage reports, Valgrind, CCache and the like...

2.1 AI score
Exploits 0
Fedora
added 2019/04/17 4:5 p.m. | 15 views

[SECURITY] Fedora 30 Update: toolbox-0.0.8-2.fc30

Toolbox offers a familiar RPM-based environment for developing and debugging software that runs fully unprivileged using Podman...

5.1 AI score
Exploits 0
CNVD
added 2019/04/10 12:0 a.m. | 4 views

Microsoft Open Enclave SDK Information Disclosure Vulnerability

Microsoft Open Enclave SDK is a Microsoft software development kit (SDK) for building secure zone applications in C and C++. An information disclosure vulnerability exists in the Open Enclave SDK, which arises from errors such as configuration during operation of a networked system or product. An...

5.5 CVSS | 6.1 AI score | 0.00402 EPSS
Exploits 0 | References 1
The Hacker News
added 2019/04/04 6:34 p.m. | 2 views

Hackers Could Turn Pre-Installed Antivirus App on Xiaomi Phones Into Malware

What could be worse than this, if the software that's meant to protect your devices leave backdoors open for hackers or turn into malware? Researchers today revealed that a security app that comes pre-installed on more than 150 million devices manufactured by Xiaomi, China's biggest and world's 4...

8.2 AI score
Exploits 0
Tenable Nessus
added 2019/03/20 12:0 a.m. | 38 views

Virtuozzo 6 : java-1.7.0-openjdk / java-1.7.0-openjdk-demo / etc (VZLSA-2019-0462)

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

3.1 CVSS | 6.5 AI score | 0.00267 EPSS
Exploits 0 | References 3
CNVD
added 2019/03/18 12:0 a.m. | 2 views

Intel SGX SDK Double Release Vulnerability

Intel SGX SDK is a set of software development kits based on SGX Intel Software Security Extensions technology from the U.S. company Intel. A double release vulnerability exists in Intel SGX SDK. An attacker could exploit this vulnerability to disclose information...

7.1 CVSS | 6.6 AI score | 0.00054 EPSS
Exploits 0 | References 1
BDU FSTEC
added 2019/03/12 12:0 a.m. | 2 views

The vulnerability of the web server for the software development tools, Intel Data Center Manager SDK, allows a perpetrator to increase their privileges.

The vulnerability of the Intel Data Center Manager SDK, a tool for developing software, is related to improper session management. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.8 CVSS | 7.6 AI score | 0.02414 EPSS
Exploits 0 | References 6 | Affected Software 1
CNVD
added 2019/02/19 12:0 a.m. | 2 views

Intel Data Center Manager SDK Information Disclosure Vulnerability

Intel Data Center Manager SDK is a data center manager SDK software development kit from Intel USA. The product provides real-time power and cooling data for devices. An information disclosure vulnerability exists in Intel Data Center Manager SDK versions prior to 5.0.2. An authenticated user can...

5.5 CVSS | 5.9 AI score | 0.0015 EPSS
Exploits 0 | References 1
CNVD
added 2019/02/19 12:0 a.m. | 2 views

Intel Data Center Manager SDK File Local Insecure File Permissions Vulnerability (CNVD-2019-05267)

Intel Data Center Manager SDK is a data center manager SDK software development kit from Intel USA. The product provides real-time power and cooling data for devices. A local insecure file permission vulnerability exists in Intel Data Center Manager SDK versions prior to 5.0.2. An authenticated...

5.5 CVSS | 6.2 AI score | 0.00097 EPSS
Exploits 0 | References 1