13 matches found
Mageia: Security Advisory (MGASA-2016-0385)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Primavera Unifier (Oct 2020 CPU)
The 16.1-16.2, 17.7-17.12, 18.8, and 19.12 versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2020 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Platfor...
Security Bulletin: IBM InfoSphere Change Data Capture is affected by an Apache Derby open source library vulnerability (CVE-2015-1832)
Summary IBM InfoSphere Change Data Capture has addressed the following vulnerability: CVE-2015-1832 - Apache Derby could allow a remote attacker to obtain sensitive information, caused by a XML external entity XXE error when processing XML data by the XML datatype and XmlVTI. An attacker could...
Oracle WebLogic Server Multiple Vulnerabilities (January 2019 CPU)
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read...
Security Bulletin: Vulnerability in dependent component distributed in IBM Development Package for Apache Spark (CVE-2015-1832)
Summary Apache Derby versions up to 10.12.1.1 may be susceptible to an XML external entity XXE attack. Hive's metastore, where created, requires Derby when Apache Hadoop data sources are used with Apache Spark. Apache Derby is therefore included in the IBM Development Package for Apache Spark...
Updated derby packages fix security vulnerability
Apache Derby could allow a remote attacker to obtain sensitive information, caused by a XML external entity XXE error when processing XML data by the XML datatype and XmlVTI. An attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service...
openSUSE Security Update : derby (openSUSE-2016-1191)
This update for derby fixes the following issues : - CVE-2015-1832: Remote attackers could have obtained sensitive information via an XML external entity when processing XML bsc1002763 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
CVE-2015-1832
XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service resource consumption via vectors involving XmlVTI and the XML dataty...
CVE-2015-1832
XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service resource consumption via vectors involving XmlVTI and the XML dataty...
CVE-2015-1832
XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service resource consumption via vectors involving XmlVTI and the XML dataty...
CVE-2015-1832
XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service resource consumption via vectors involving XmlVTI and the XML dataty...
CVE-2015-1832
XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service resource consumption via vectors involving XmlVTI and the XML dataty...
CVE-2015-1832
CVE-2015-1832 is an XXE vulnerability in the XmlVTI/XML datatype handling of Derby’s SqlXmlUtil, present in Apache Derby before 10.12.1.1 and exploitable when a Java Security Manager is not in place. Context-dependent attackers could read arbitrary files or cause resource exhaustion (DOS) via Xml...