CVE-2020-11722

CVE-2020-11722 affects Dungeon Crawl Stone Soup (crawl) before 0.25. According to linked advisories, remote attackers could execute arbitrary code by embedding Lua bytecode in an uploaded .crawlrc file. OpenVAS/Nessus entries corroborate a vulnerability in crawl with CVE-2020-11722 and note the i...

PT-2020-12808

Name of the Vulnerable Software and Affected Versions Dungeon Crawl Stone Soup versions prior to 0.25 Description The issue allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file. Recommendations For versions prior to 0.25, update to version 0.25 ...

Arbitrary Code Execution

java is vulnerable to arbitrary code execution. The vulnerability exists as a flaw was found in the HotSpot component in OpenJDK. Certain bytecode instructions confused the memory management within the Java Virtual Machine JVM, resulting in an applet or application crashing...

Arbitrary Code Execution

openjdk is vulnerable to arbitrary code execution. A flaw was found in the HotSpot component in OpenJDK. Certain bytecode instructions confused the memory management within the Java Virtual Machine JVM, which could lead to heap corruption...

Quark-Engine - An Obfuscation-Neglect Android Malware Scoring System

An Obfuscation-Neglect Android Malware Scoring System Concepts Android malware analysis engine is not a new story. Every antivirus company has their own secrets to build it. With curiosity, we develop a malware scoring system from the perspective of Taiwan Criminal Law in an easy but solid way. W...

ClamAV < 0.102.0 - (bytecode_vm) Code Execution Exploit

!/usr/bin/python ''' Finished : 22/07/2019 Pu8lished : 31/10/2019 Versi0n : Current ./exploit.py clambc --debug exploit SNIP $ ''' names = 'test1', 'read', 'write', 'seek', 'setvirusname', 'debugprintstr', 'debugpr...

The vulnerability of the EAP Controller remote management utility lies in the lack of authentication for a critical function, allowing a malicious actor to control the target server and execute arbitrary Java or bytecode.

The vulnerability of the EAP Controller remote management utility lies in the lack of authentication for a critical function. Exploiting this vulnerability allows a malicious actor to remotely control the target server and execute arbitrary Java or bytecode...

CVE-2019-10245

In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load...

Uncompyle6 - A Cross-Version Python Bytecode Decompiler

A native Python cross-version decompiler and fragment decompiler. The successor to decompyle, uncompyle, and uncompyle2. Introduction uncompyle6 translates Python bytecode back into equivalent Python source code. It accepts bytecodes from Python version 1.3 to version 3.8, spanning over 24 years ...

SUSE-SU-2019:14059-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 45. Security issues fixed: - CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes bsc1134718. - CVE-2019-2698: Fixed out of bounds access flaw in the 2D component bsc1132729. -...

Our Approach to Data Engineering

Our Approach to Data Engineering At Carbon Black, our R&D team is working on the cutting edge of data engineering. We’ve developed our own language and make our data compile down to bytecode to process super-fast. We’re pushing the boundaries of Kubernetes and Kinesis. And we’re having a blast...

SUSE-SU-2019:1308-2 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 35. Security issues fixed: - CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes bsc1134718. - CVE-2019-2698: Fixed out of bounds access flaw in the 2D component bsc1132729. -...

SUSE-SU-2019:1644-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 35. Security issues fixed: - CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes bsc1134718. - CVE-2019-2698: Fixed out of bounds access flaw in the 2D component bsc1132729. -...

JDK: Read beyond the end of bytecode array causing JVM crash

In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load...

SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2019:1308-1)

This update for java-180-ibm fixes the following issues : Update to Java 8.0 Service Refresh 5 Fix Pack 35. Security issues fixed : CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes bsc1134718. CVE-2019-2698: Fixed out of bounds access flaw in the 2D component bsc1132729...

SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2019:14059-1)

This update for java-171-ibm fixes the following issues : Update to Java 7.1 Service Refresh 4 Fix Pack 45. Security issues fixed : CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes bsc1134718. CVE-2019-2698: Fixed out of bounds access flaw in the 2D component bsc1132729...

SUSE-SU-2019:1308-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 35. Security issues fixed: - CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes bsc1134718. - CVE-2019-2698: Fixed out of bounds access flaw in the 2D component bsc1132729. -...

JDK: Read beyond the end of bytecode array causing JVM crash

In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load...

Denial Of Service

IBM Java SE version 8 is vulnerable to denial of service DoS due to not reading beyond the end of bytecode array causing JVM crash...

JDK: Read beyond the end of bytecode array causing JVM crash

In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load...