Lucene search
K

50 matches found

Fedora
Fedora
added 2025/03/26 1:27 a.m.15 views

[SECURITY] Fedora 40 Update: libxslt-1.1.43-1.fc40

This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 =3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine...

7.8CVSS7.4AI score0.00324EPSS
Exploits4
OpenVAS
OpenVAS
added 2021/11/08 12:0 a.m.17 views

Mozilla Firefox Security Advisory (MFSA2016-27) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

8.8CVSS9.4AI score0.02831EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2016:0727-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.9AI score0.30946EPSS
Exploits9References4
RedHat Linux
RedHat Linux
added 2020/06/15 4:16 p.m.7 views

JBoss: JAXP in EAP 7.0 allows RCE via XSL

It was found that the JAXP implementation used in EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing...

9.8CVSS6.4AI score0.02976EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/01/10 12:0 a.m.56 views

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2018-14)

This update for java-170-openjdk fixes the following issues : Security issues fixed : - CVE-2017-10356: Fix issue inside subcomponent Security bsc1064084. - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO bsc1064071. - CVE-2017-10281: Fix issue inside subcomponent Serialization...

9.8CVSS7.6AI score0.16181EPSS
Exploits2References88
OPENSUSE Linux
OPENSUSE Linux
added 2018/01/09 12:8 p.m.294 views

Security update for java-1_7_0-openjdk (important)

This update for java-170-openjdk fixes the following issues: Security issues fixed: - CVE-2017-10356: Fix issue inside subcomponent Security bsc1064084. - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO bsc1064071. - CVE-2017-10281: Fix issue inside subcomponent Serialization...

7.5CVSS8AI score0.16181EPSS
Exploits2References42
RedHat Linux
RedHat Linux
added 2017/12/13 4:48 p.m.5 views

OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.02555EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/08/23 9:17 a.m.9 views

OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.02555EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/08/15 7:58 p.m.3 views

OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.02555EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/08/15 12:0 a.m.54 views

RHEL 6 / 7 : java-1.8.0-ibm (RHSA-2017:2469)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2469 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java...

9.8CVSS7.2AI score0.03524EPSS
Exploits0References39
RedHat Linux
RedHat Linux
added 2017/08/07 3:5 p.m.4 views

OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.02555EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/07/20 5:49 p.m.5 views

OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.02555EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/07/20 4:16 p.m.6 views

OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.02555EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/07/20 3:59 p.m.8 views

OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.02555EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/07/20 3:58 p.m.5 views

OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.02555EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/07/11 12:0 a.m.45 views

openSUSE Security Update : Mozilla Thunderbird (openSUSE-2016-848)

This update contains Mozilla Thunderbird 45.2. boo983549 It fixes security issues mostly affecting the e-mail program when used in a browser context, such as viewing a web page or HTMl formatted e-mail. The following vulnerabilities were fixed : - CVE-2016-2818, CVE-2016-2815: Memory safety bugs...

10CVSS7.2AI score0.30946EPSS
Exploits9References36
Tenable Nessus
Tenable Nessus
added 2016/05/02 12:0 a.m.35 views

Ubuntu 14.04 LTS / 16.04 LTS : Thunderbird vulnerabilities (USN-2934-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2934-1 advisory. Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, and Randell Jesup discovered multiple memory...

9.3CVSS8.3AI score0.30946EPSS
Exploits9References24
Hacker One
Hacker One
added 2016/03/29 11:12 p.m.28 views

Tor: Use-after-free during XML transformations (MFSA-2016-27)

Hello, I'm not sure how to understand the rules regarding "Bonus over Base Bounty/Mozilla Bounty for code execution exploits". Are vulnerabilities affecting Firefox ESR 38.7 covered by this section? If yes, you may be interested by MFSA 2016-27 aka CVE-2016-1964:...

6.8CVSS7.7AI score0.02831EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/03/28 12:0 a.m.34 views

openSUSE Security Update : MozillaThunderbird (openSUSE-2016-402)

MozillaThunderbird was updated to 38.7.0 to fix the following issues : - Update to Thunderbird 38.7.0 boo969894 - MFSA 2015-81/CVE-2015-4477 bmo1179484 Use-after-free in MediaStream playback - MFSA 2015-136/CVE-2015-7207 bmo1185256 Same-origin policy violation using performance.getEntries and...

10CVSS7.4AI score0.30946EPSS
Exploits9References28
OPENSUSE Linux
OPENSUSE Linux
added 2016/03/26 5:8 p.m.49 views

Security update for MozillaThunderbird (important)

MozillaThunderbird was updated to 38.7.0 to fix the following issues: Update to Thunderbird 38.7.0 boo969894 MFSA 2015-81/CVE-2015-4477 bmo1179484 Use-after-free in MediaStream playback MFSA 2015-136/CVE-2015-7207 bmo1185256 Same-origin policy violation using performance.getEntries and history...

10CVSS1.1AI score0.30946EPSS
Exploits9References1
Rows per page
Query Builder