136 matches found
MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.212.b04-0.el7 (AXSA:2019-3844:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3844:03 advisory. Enhancement - Oracle Java SE REIWA Security Fix - CVE-2019-2698, CVE-2019-2602, CVE-2019-2684 CVE CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted t...
MiracleLinux 7 : java-11-openjdk-11.0.3.7-0.el7 (AXSA:2019-3894:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3894:02 advisory. OpenJDK: Slow conversion of BigDecimal to long Libraries, 8211936 CVE-2019-2602 OpenJDK: Incorrect skeleton selection in RMI registry server-side...
MiracleLinux 7 : java-1.7.0-openjdk-1.7.0.221-2.6.18.0.0.1.el7.AXS7 (AXSA:2019-3860:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3860:03 advisory. Enhancement - Oracle Java SE REIWA Security Fix - Oracle Java SE Libraries DoSCVE-2019-2602 - Oracle Java SE RMI CVE-2019-2684 - Oracle Java SE 2D...
EUVD-2021-0894
Malware in sbrugna...
BIT-CASSANDRA-2020-13946
In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cloud Transformation Advisor
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8.0.5.25 used by IBM Cloud Transformation Advisor. IBM Cloud Transformation Advisor has addressed the applicable CVEs. These issues were disclosed as part of the IBM Java SDK updates in April 2019. Vulnerability...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2684, CVE-2019-4473, CVE-2019-11771)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control formerly Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates for April 2019 and July 2019. Vulnerability Details CVEID:...
OpenJDK 7 <= 7u211 / 8 <= 8u202 / 11.0.0 <= 11.0.2 / 12.0.0 <= 12.0.0 Multiple Vulnerabilities (2019-04-16)
The version of OpenJDK installed on the remote host is prior to 7 = 7u211 / 8 = 8u202 / 11.0.0 = 11.0.2 / 12.0.0 = 12.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 2019-04-16 advisory. Please Note: Java CVEs do not always include OpenJDK versions, but are...
SUSE: Security Advisory (SUSE-SU-2019:1211-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1308-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1308-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:14059-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GHSA-24WW-MC5X-XC43 Man-in-the-middle attack in Apache Cassandra
In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and...
Man-in-the-middle attack in Apache Cassandra
In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and...
SUSE: Security Advisory (SUSE-SU-2019:1345-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1219-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1644-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
cassandra: allows manipulation of the RMI registry to perform a MITM attack and capture user names and passwords used to access the JMX interface
A flaw was found in cassandra in versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2. A local attacker without access to the Apache Cassandra process or configuration files can manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used t...
Security Bulletin: A security vulnerability has been idenfied in IBM SDK which affects DataQuant for z/OS ( CVE-2019-2684, CVE-2019-2602, CVE-2019-2697, CVE-2019-2698)
Summary A security vulnerability has been identified in IBM SDK that could affect DataQuant for z/OS. Vulnerability Details CVEID: CVE-2019-2684 CVSS Base Score: 5.9 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded RMI component could allow an...
Virtuozzo 6 : java-1.8.0-openjdk / java-1.8.0-openjdk-debug / etc (VZLSA-2019-0774)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...