Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:13 a.m.251 views

Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to multiple CVEs

Summary Cloud Pak for Security CP4S v1.8.1.0 and earlier uses packages that are vulnerable to several CVEs. These have been remediated in the latest product release. Please see below for CVE details and the Remediation section for upgrade instructions. Vulnerability Details CVEID:CVE-2015-8985...

9.3CVSS9.9AI score0.03896EPSS
Exploits6Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/02/22 12:0 a.m.42 views

Sun Java JRE XML Signature Command Injection (102993) (Unix)

The version of Sun Java Runtime Environment JRE installed on the remote host reportedly does not securely process XSLT stylesheets containing XSLT Transforms in XML Signatures. If an attacker can pass a specially crafted XSLT stylesheet to a trusted Java application running on the remote host, it...

9.3CVSS8.8AI score0.03554EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.30 views

Gentoo Security Advisory GLSA 200709-15 (jrockit-jdk-bin)

The remote host is missing updates announced in advisory GLSA 200709-15. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.6AI score0.18185EPSS
Exploits1References2
Prion
Prion
added 2008/06/30 10:41 p.m.28 views

Sql injection

Sun Java System Access Manager 6.3 through 7.1 and Sun Java System Identity Server 6.1 and 6.2 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to...

7.5CVSS7.3AI score0.03554EPSS
Exploits0References7Affected Software2
UbuntuCve
UbuntuCve
added 2007/07/11 11:30 p.m.28 views

CVE-2007-3716

The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715...

9.3CVSS7.3AI score0.03554EPSS
Exploits0References1
NVD
NVD
added 2007/07/11 11:30 p.m.24 views

CVE-2007-3716

The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715...

9.3CVSS9.5AI score0.03554EPSS
Exploits0References14
CVE
CVE
added 2007/07/11 11:0 p.m.74 views

CVE-2007-3716

CVE-2007-3716 affects Sun JDK/JRE 6 before Update 2, where the XML Digital Signature implementation mishandles XSLT transforms in signatures. A crafted XSLT stylesheet could allow a remote attacker to execute arbitrary code on the affected system. The CVE is tied to a related issue (CVE-2007-3715...

9.3CVSS7.2AI score0.03554EPSS
Exploits0References14Affected Software2
Rows per page
Query Builder