OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

Security Bulletin: IBM MessageSight is affected by the following four IBM Java vulnerabilities

Summary IBM MessageSight has addressed the following Java vulnerabilities: CVE-2019-2698: An attacker can use a maliciously crafted font to exploit a flaw in the JDK's font parsing code CVE-2019-2697: An attacker can use a maliciously crafted font to exploit a flaw in the JDK's font parsing code...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation.

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Version 7 used by IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation. These issues have been addressed in IBM Java SDK updates in Apr...

CVE-2017-1376

A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873...

Code injection

A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873...

CVE-2017-1376

A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873...

CVE-2017-1376

A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873...

CVE-2017-1376

A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873...

JDK: class verifier allowing Security Manager bypass

A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873...

JDK: class verifier allowing Security Manager bypass

A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873...

OpenJDK: class verifier insufficient invokespecial calls verification (Hotspot, 8058982)

A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions...

OpenJDK: class verifier insufficient invokespecial calls verification (Hotspot, 8058982)

A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions...

jdk7-openjdk: multiple issues

CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6585 out-of-bounds read Allows remote attackers to affect confidentiality via font parsing...

OpenJDK: class verifier insufficient invokespecial calls verification (Hotspot, 8058982)

A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions...