1260 matches found
UBUNTU-CVE-2017-10087
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
UBUNTU-CVE-2017-10067
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successfu...
UBUNTU-CVE-2017-10096
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2017-3509
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
Design/Logic Flaw
Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks...
OpenJDK: insecure class construction (Hotspot, 8167104)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...
OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
Oracle Java Uninitialized Memory Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the creation of an...
Oracle Java AtomicReferenceFieldUpdater Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2016-5549
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...
CVE-2017-3260
Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks...
CVE-2016-5548
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
Oracle Java AtomicReferenceFieldUpdater Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
UBUNTU-CVE-2017-3272
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2017-3260
Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks...
FreeBSD : groovy -- remote execution of untrusted code/DoS vulnerability (4af92a40-db33-11e6-ae1b-002590263bf5)
The Apache Groovy project reports : When an application with Groovy on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it is possible for an attacker to bake a special serialized object that will execute code directly when...
openSUSE Security Update : roundcubemail (openSUSE-2016-1419)
roundcubemail was updated to version 1.1.7 and fixes the following issues : - Update to 1.1.7 - A maliciously crafted FROM value could cause extra parameters to be passed to the sendmail command boo1012493 - A maliciously crafted email could cause untrusted code to be executed cross site scriptin...
OpenJDK: incomplete type checks of System.arraycopy arguments (Hotspot, 8160591)
It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions...
CVE-2016-3699
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd...
Oracle Java MethodHandles filterReturnValue Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation o...