8752 matches found
Moderate: java-17-openjdk security and bug fix update
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509 certificate...
OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...
RLSA-2022:7000 Moderate: java-17-openjdk security and bug fix update
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509 certificate...
Moderate: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
RLSA-2022:7006 Moderate: java-1.8.0-openjdk security update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: excessive memory allocation in X.509 certificate parsing Security, 8286533 CVE-2022-21626 OpenJDK: HttpServer no connection count limit...
USN-5690-1: libXdmcp vulnerability
It was discovered that libXdmcp was generating weak session keys. A local attacker could possibly use this issue to perform a brute force attack and obtain another user's key...
UBUNTU-CVE-2022-43043
GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function BDCheckSFTimeOffset at /bifs/fielddecode.c...
CVE-2022-39233
CVE-2022-39233 affects Tuleap versions 12.9.99.228 and later up to 14.0.99.23, where authorization is not properly verified when updating the branch prefix used by the GitLab repository integration. This allows authenticated users who can view the REST endpoint PATCH /gitlab_repositories/{id} to ...
Moderate: java-17-openjdk security and bug fix update
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509 certificate...
Moderate: java-1.8.0-openjdk security update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: excessive memory allocation in X.509 certificate parsing Security, 8286533 CVE-2022-21626 OpenJDK: HttpServer no connection count limit...
CVE-2022-39233 Tuleap subject to Missing Authorization allowing for branch prefix modification
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions 12.9.99.228 and above, prior to 14.0.99.24, authorizations are not properly verified when updating the branch prefix used by the GitLab repository integration. Authenticated users ca...
CVE-2022-39233 Tuleap subject to Missing Authorization allowing for branch prefix modification
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions 12.9.99.228 and above, prior to 14.0.99.24, authorizations are not properly verified when updating the branch prefix used by the GitLab repository integration. Authenticated users ca...
Important: nodejs security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.17.1. Security Fixes: nodejs: weak randomness in WebCrypto keygen CVE-2022-35255...
RLSA-2022:6964 Important: nodejs:16 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16. Security Fixes: nodejs: weak randomness in WebCrypto keygen CVE-2022-35255 nodej...
How to make decentralized apps: Modern subtleties of development process management
By Owais Sultan Technology is moving towards modernized solutions and is constantly changing. Back in the day, there were web applications.… This is a post from HackRead.com Read the original post: How to make decentralized apps: Modern subtleties of development process management...
Adobe ColdFusion XML External Entity Injection Vulnerability
Adobe ColdFusion is a rapid application development platform from Adobe, which includes an integrated development environment and scripting language. The platform includes an integrated development environment and scripting language.Adobe ColdFusion has an XML external entity injection...
Autodesk FBX-SDK 资源管理错误漏洞
Autodesk FBX-SDK is a C++ software development platform and API toolkit from Autodesk, Inc. that is primarily used to convert existing content to FBX format. A security vulnerability exists in Autodesk FBX-SDK version 2020 and prior versions, which originates from the possibility that a user coul...
Adobe ColdFusion buffer overflow vulnerability
Adobe ColdFusion is a rapid application development platform from Adobe, which includes an integrated development environment and scripting language. Adobe ColdFusion is vulnerable to buffer overflow, which can be exploited by attackers to execute arbitrary code in the context of the current user...
Adobe ColdFusion 代码问题漏洞
Adobe ColdFusion is a rapid application development platform from Adobe, which includes an integrated development environment and scripting language. The platform includes an integrated development environment and scripting language.Adobe ColdFusion has an XML external entity injection...
Stable Channel Update for Desktop
The Stable channel has been updated to 106.0.5249.119 for Windows,Mac and Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Extended stable channel has been updated to 106.0.5249.119 for Windows,Mac which will roll out over the...