8752 matches found
OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
java-11-openjdk security update
An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-11-openjdk packages provide the OpenJDK 11 Java Runtime...
Mozilla Thunderbird 缓冲区错误漏洞
Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The software supports IMAP, POP mail protocols, and HTML mail formats. Mozilla Thunderbird suffers from a buffer error vulnerability that arises from imprope...
[SECURITY] Fedora 34 Update: prosody-0.11.12-1.fc34
Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...
Celebrating 20 Years of Trustworthy Computing
20 years ago this week, Bill Gates sent a now-famous email to all Microsoft employees announcing the creation of the Trustworthy Computing TwC initiative. The initiative was intended to put customer security, and ultimately customer trust, at the forefront for all Microsoft employees. Gates’ memo...
Celebrating 20 Years of Trustworthy Computing
20 years ago this week, Bill Gates sent a now-famous email to all Microsoft employees announcing the creation of the Trustworthy Computing TwC initiative. The initiative was intended to put customer security, and ultimately customer trust, at the forefront for all Microsoft employees. Gates’ memo...
Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-05875)
Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...
Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-05878)
Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...
PT-2022-7553 · Dpdk +4 · Dpdk +4
Name of the Vulnerable Software and Affected Versions: DPDK affected versions not specified Description: The issue is related to an uncontrolled resource consumption in the DPDK library and driver set, which can lead to a denial of service. A malicious vhost-user master can attach an unexpected...
Moddable SDK 缓冲区错误漏洞
Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable USA. a security vulnerability exists in Moddable SDK v11.5.0, which stems from an invalid memory access in component asanmemmove. No details of the vulnerability are currently available...
Moddable SDK 安全漏洞
Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable, U.S. A security vulnerability exists in Moddable SDK v11.5.0, which was discovered to contain a SEGV vulnerability via the xs source xarray .c in the fx Array prototype sorting. No details of the...
SUSE: Security Advisory (SUSE-SU-2022:0107-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:0110-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:0118-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-38786
There is a NULL pointer dereference in media/libcedarc/vdecoder of Allwinner R818 SoC Android Q SDK V1.0, which could cause a media crash denial of service...
OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability...
java-17-openjdk security update
An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-17-openjdk packages provide the OpenJDK 17 Java Runtime...
Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-52566)
Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...
Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-05874)
Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...
Heartland OA2021 Winter Snow Edition suffers from a logic flaw vulnerability (CNVD-2022-13942)
Heartland OA is developed based on the SaaS architecture of cloud computing model to meet the needs of government cloud, industrial cloud, education cloud and other intelligent cloud platform construction. A logic flaw vulnerability exists in Heartland OA2021 Winter Snow Edition, which can be...