
211 matches found

Positive Technologies
added 2020/11/26 12:0 a.m. · 2 views

PT-2020-6961 · Libslirp +9

Name of the Vulnerable Software and Affected Versions: libslirp versions 4.3.1 and earlier
Description: The issue is related to a buffer over-read in the slirp.c component of the libslirp TCP-IP emulator. This occurs because the component attempts to read a certain amount of header data, even if ...

CVSS 8.8 · AI score 7.2 · EPSS 0.11436
Exploits 11 · References 421
RedHat Linux
added 2020/05/11 8:19 p.m. · 1 views

cryptacular: excessive memory allocation during a decode operation

CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...

CVSS 7.5 · AI score 7.4 · EPSS 0.03282
Exploits 1 · References 4
RedHat Linux
added 2020/05/11 8:12 p.m. · 0 views

cryptacular: excessive memory allocation during a decode operation

CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...

CVSS 7.5 · AI score 7.4 · EPSS 0.03282
Exploits 1 · References 4
OSV
added 2020/04/22 3:32 p.m. · 1 views

USN-4337-1 openjdk-8, openjdk-lts vulnerabilities

It was discovered that OpenJDK incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service while processing a specially crafted regular expression. (CVE-2020-2754, CVE-2020-2755) It was discovered that OpenJDK incorrectly handled class...

CVSS 8.3 · AI score 6.8 · EPSS 0.02622
Exploits 0 · References 14
OpenVAS
added 2020/01/23 12:0 a.m. · 42 views

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2018-1386)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9 · AI score 7.2 · EPSS 0.00589
Exploits 2 · References 2
Tenable Nessus
added 2019/09/17 12:0 a.m. · 33 views

EulerOS 2.0 SP2 : java-1.7.0-openjdk (EulerOS-SA-2019-1846)

According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - OpenJDK: Incomplete enforcement of the trustURLCodebase restriction (CVE-2018-3149) - OpenJDK: Leak of sensitive header data via HTTP...

CVSS 8.3 · AI score 6.5 · EPSS 0.00589
Exploits 2 · References 3
OSV
added 2019/09/08 3:15 a.m. · 0 views

UBUNTU-CVE-2019-16094

Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c...

CVSS 7.5 · AI score 6.7 · EPSS 0.00452
Exploits 0 · References 5
OSV
added 2019/06/19 2:15 p.m. · 0 views

CVE-2017-1107

IBM Marketing Platform 9.1.0, 9.1.2, 10.0, and 10.1 exposes sensitive information in the headers that could be used by an authenticated attacker in further attacks against the system. IBM X-Force ID: 120906...

CVSS 4.3 · AI score 5.8 · EPSS 0.00212
Exploits 0 · References 3
OSV
added 2019/05/20 4:29 p.m. · 1 views

DEBIAN-CVE-2019-12214

In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of p_header_data...

CVSS 7.5 · AI score 7.1 · EPSS 0.00334
Exploits 1 · References 1
OSV
added 2019/05/20 4:29 p.m. · 0 views

UBUNTU-CVE-2019-12214

In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of p_header_data...

CVSS 7.5 · AI score 5.7 · EPSS 0.00334
Exploits 1 · References 3
RedHat Linux
added 2018/12/18 3:51 p.m. · 5 views

OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVSS 3.1 · AI score 7.4 · EPSS 0.00154
Exploits 0 · References 4
RedHat Linux
added 2018/12/05 3:53 p.m. · 1 views

OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVSS 3.1 · AI score 7.4 · EPSS 0.00154
Exploits 0 · References 4
Tenable Nessus
added 2018/11/27 12:0 a.m. · 34 views

RHEL 7 : java-1.7.1-ibm (RHSA-2018:3672)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3672 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

CVSS 8.3 · AI score 6.7 · EPSS 0.03068
Exploits 2 · References 17
RedHat Linux
added 2018/11/26 3:43 p.m. · 1 views

OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVSS 3.1 · AI score 7.4 · EPSS 0.00154
Exploits 0 · References 4
RedHat Linux
added 2018/11/26 3:43 p.m. · 7 views

OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVSS 3.1 · AI score 7.4 · EPSS 0.00154
Exploits 0 · References 4
Tenable Nessus
added 2018/11/11 12:0 a.m. · 76 views

RHEL 7 : java-1.8.0-ibm (RHSA-2018:3534)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3534 advisory. - OpenJDK: Incorrect handling of unsigned attributes in signed Jar manifests (Security, 8194534) (CVE-2018-3136) - OpenJDK: Leak of sensitive...

CVSS 9 · AI score 6.5 · EPSS 0.03068
Exploits 2 · References 19
RedHat Linux
added 2018/11/09 11:49 a.m. · 2 views

OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVSS 3.1 · AI score 7.4 · EPSS 0.00154
Exploits 0 · References 4
RedHat Linux
added 2018/11/09 11:49 a.m. · 3 views

OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVSS 3.1 · AI score 7.4 · EPSS 0.00154
Exploits 0 · References 4
RedHat Linux
added 2018/11/07 6:26 p.m. · 3 views

OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVSS 3.1 · AI score 7.4 · EPSS 0.00154
Exploits 0 · References 4
RedHat Linux
added 2018/10/30 5:51 p.m. · 189 views

Important: Red Hat Security Advisory: java-1.7.0-openjdk security update

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 8.3 · AI score 6.7 · EPSS 0.00589
Exploits 2 · References 7