234 matches found
OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
CVE-2011-3614
An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums before 2.0.17.9...
Improper access control
An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums before 2.0.17.9...
CVE-2020-2604
CVE-2020-2604 affects Oracle Java SE/Java SE Embedded Serialization. Affected: Java SE 7u241, 8u231, 11.0.5, 13.0.1; Java SE Embedded 8u231. Described impact: unauthenticated, network-based attacker can take over the Java environment; high confidentiality, integrity, and availability impact (CVSS...
Ultimate FAQ < 1.8.30 - Unauthenticated Reflected XSS
The HTML code generated by the FAQ shortcode does not sanitise the DisplayFAQ GET parameter, leading to an unauthenticated reflected Cross-Site Scripting issue on pages where such shortcode is used. Append the following payload on a page where a FAQ is embedded: ?DisplayFAQ=...
OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
Security Bulletin: Security vulnerabilities has been identified with the embedded Content Navigator used by IBM Business Automation Workflow (CVE 2019-4263, CVE-2019-10086, CVE-2019-12402)
Summary IBM Business Automation Workflow has addressed the following security vulnerabilities with the embedded Content Navigator. For more information, refer to the X-Force database entries referred to below. Vulnerability Details CVEID: CVE-2019-4263 DESCRIPTION: IBM Content Navigator is...
OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
UBUNTU-CVE-2019-2973
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
OS Identification : Apple AirPlay
This script attempts to identify the operating system type and version by looking at the capabilities of the remote Apple AirPlay server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid127857; scriptversion"1.3"; scriptcvsdate"Date: 2020/01/22"; scriptnameenglish:"OS...
2019-08 Security Update for Windows Embedded Standard 7 for x86-based Systems (KB4474419)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...
2019-08 Security Update for Windows Embedded Standard 7 for x64-based Systems (KB4474419)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...
Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling While Processing CFF Blend DICT Operator
-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...
NetData Detection
Detection of NetData. The script sends a connection request to the server and attempts to detect NetData and to extract its version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the...