OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

Important: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

Important: Red Hat Security Advisory: java-21-openjdk security update

An update for java-21-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

Important: java-17-openjdk security and bug fix update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: incorrect handling of ZIP files with duplica...

Important: java-21-openjdk security update

The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing side-channel...

NewStart CGSL MAIN 6.06 : sudo Vulnerability (NS-SA-2023-0135)

The remote NewStart CGSL host, running version MAIN 6.06, has sudo packages installed that are affected by a vulnerability: - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer...

Existing pools will be bricked due to uninitialized state

Lines of code Vulnerability details Existing pools will be bricked due to uninitialized Summary Pools already present in the exchange will be bricked when crossTicks is called with an uninitialized tickTracking storage, which will trigger an array out of bounds error. Impact New pools in the...

CVE-2021-32422

dpic 2021.01.01 has a Global buffer overflow in theyylex function in main.c and reads out of the bound array...

PT-2025-40717

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the iwlwifi mvm module that could lead to an array out of bounds access. This issue is related to the handling of IWL SEC WEP KEY OFFSET during key...

EulerOS Virtualization 3.0.2.0 : sudo (EulerOS-SA-2023-1723)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2023-1683)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Information disclosure

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet...

NewStart CGSL CORE 5.04 / MAIN 5.04 : sudo Vulnerability (NS-SA-2023-0029)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sudo packages installed that are affected by a vulnerability: - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based...

CVE-2022-25726 Buffer Over-read in MODEM

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet...

CVE-2022-25726

CVE-2022-25726 concerns information disclosure in Qualcomm modem data due to an array out-of-bounds access while handling the incoming DNS response packet. Affected component is Qualcomm chipsets/controllers with modem functionality; root cause described as improper bounds/length handling during ...

CVE-2022-25726 Buffer Over-read in MODEM

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2023-1516)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...