27 matches found
EUVD-2015-2116
Malware in sbrugna...
EUVD-2015-2133
Malware in sbrugna...
CLSA-2025-1739387851 tomcat: Fix of CVE-2023-42794
CVE-2023-42794: restore the finalize method...
SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2020:2143-1)
This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.8+10 July 2020 CPU, bsc1174157 - Security fixes : + JDK-8230613: Better ASCII conversions + JDK-8231800: Better listing of arrays + JDK-8232014: Expand DTD support + JDK-8233234: Better Zip Naming +...
Jumio SDK for Android Arbitrary Code Execution Vulnerability
Jumio SDK for Android is a software development kit for building authentication applications using biometrics based on the Android platform. A security vulnerability exists in versions of Jumio SDK for Android prior to 1.5.0. The vulnerability can be exploited to execute arbitrary code via the...
MetaIO SDK for Android Arbitrary Code Execution Vulnerability
MetaIO SDK for Android is a software development kit for building augmented reality applications based on the Android platform. A security vulnerability exists in versions of MetaIO SDK for Android prior to 6.0.2.1. The vulnerability can be exploited to execute arbitrary code via the finalize...
GraceNote GNSDK SDK for Android Arbitrary Code Execution Vulnerability
GraceNote GNSDK SDK for Android is a software development kit for building music applications based on the Android platform that recognizes CDs, digital music files, streaming audio, and more. A security vulnerability exists in versions of GraceNote GNSDK SDK for Android prior to 1.1.7. An attack...
ESRI ArcGis Runtime SDK for Android Arbitrary Code Execution Vulnerability
ESRI ArcGis Runtime SDK for Android is a software development kit for building native mapping applications based on the Android platform. A security vulnerability exists in the ESRI ArcGis Runtime SDK for Android prior to version 10.2.6-2. The vulnerability can be exploited to execute arbitrary...
CVE-2015-2004
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2001
The MetaIO SDK before 6.0.2.1 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2002
The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2003
The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The MetaIO SDK before 6.0.2.1 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2002
The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2003
The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2004
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2004
The GraceNote GNSDK SDK for Android is affected (before SVN Changeset 1.1.7). A root cause in the Serializable class’s finalize method improperly passes an attacker-controlled pointer to a native function, enabling arbitrary code execution on vulnerable versions. Affected product: GraceNote GNSDK...