19 matches found
SUSE-SU-2024:0325-1 Security update for java-17-openjdk
This update for java-17-openjdk fixes the following issues: Updated to version 17.0.10 January 2024 CPU: - CVE-2024-20918: Fixed an out of bounds access in the Hotspot JVM due to a missing bounds check bsc1218907. - CVE-2024-20919: Fixed a sandbox bypass in the Hotspot JVM class file verifier...
SUSE-SU-2024:0321-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Updated to version 11.0.22 January 2024 CPU: - CVE-2024-20918: Fixed an out of bounds access in the Hotspot JVM due to a missing bounds check bsc1218907. - CVE-2024-20919: Fixed a sandbox bypass in the Hotspot JVM class file verifier...
SUSE-SU-2024:0203-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Updated to version 11.0.22 January 2024 CPU: - CVE-2024-20918: Fixed an out of bounds access in the Hotspot JVM due to a missing bounds check bsc1218907. - CVE-2024-20919: Fixed a sandbox bypass in the Hotspot JVM class file verifier...
K53146535: Multiple Sun Java vulnerabilities
Security Advisory Description CVE-2013-5870 Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. CVE-2013-5878 Unspecified vulnerability in Oracle Java SE 6u65 and...
Arbitrary Code Execution
java is vulnerable to arbitrary code execution. The vulnerability exists as MethodHandles in HotSpot JVM does not properly handle methods...
[SECURITY] Fedora 21 Update: thermostat-1.0.6-2.fc21
Thermostat is a monitoring and instrumentation tool for the Hotspot JVM, with support for monitoring multiple JVM instances. The system is made up of two processes: an Agent, which collects data, and a Client which allows users to visualize this data. These components communicate via a...
Oracle Java PhantomReference Use After Free (CVE-2015-0395)
A memory corruption vulnerability exists in Oracle Java. The vulnerability is due to a use after free error when handling phantom object references in the Hotspot JVM garbage collector. Successful exploitation could result in arbitrary code execution in the context of the currently logged-in user...
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 (Feb 2015) - Windows
Oracle Java SE JRE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 (Feb 2015) - Linux
Oracle Java SE JRE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 20 Update: thermostat-1.0.6-1.fc20
Thermostat is a monitoring and instrumentation tool for the Hotspot JVM, with support for monitoring multiple JVM instances. The system is made up of two processes: an Agent, which collects data, and a Client which allows users to visualize this data. These components communicate via a...
[SECURITY] Fedora 21 Update: thermostat-1.0.6-1.fc21
Thermostat is a monitoring and instrumentation tool for the Hotspot JVM, with support for monitoring multiple JVM instances. The system is made up of two processes: an Agent, which collects data, and a Client which allows users to visualize this data. These components communicate via a...
CVE-2013-5893
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented...
Design/Logic Flaw
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented...
CVE-2013-5893
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented...
CVE-2013-5893
CVE-2013-5893 affects Oracle Java SE 7u45 (and Java Embedded 7u45) and OpenJDK 7. The vulnerability is described as unspecified but exploitable via unknown vectors related to Libraries, with notes that it may relate to improper handling of MethodHandles in HotSpot JVM, potentially escaping the sa...
CVE-2013-5893
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented...
Ubuntu 10.10 : openjdk-6b18 vulnerabilities (USN-1079-3)
USN-1079-2 fixed vulnerabilities in OpenJDK 6 for armel ARM architectures in Ubuntu 9.10 and Ubuntu 10.04 LTS. This update fixes vulnerabilities in OpenJDK 6 for armel ARM architectures for Ubuntu 10.10. It was discovered that untrusted Java applets could create domain name resolution cache...
Ubuntu 9.10 / 10.04 LTS : openjdk-6b18 vulnerabilities (USN-1079-2)
USN-1079-1 fixed vulnerabilities in OpenJDK 6 for non-armel ARM architectures. This update provides the corresponding updates for OpenJDK 6 for use with the armel ARM architectures. In order to build the armel ARM OpenJDK 6 update for Ubuntu 10.04 LTS, it was necessary to rebuild binutils and...
USN-1079-1: OpenJDK 6 vulnerabilities
It was discovered that untrusted Java applets could create domain name resolution cache entries, allowing an attacker to manipulate name resolution within the JVM. CVE-2010-4448 It was discovered that the Java launcher did not did not properly setup the LDLIBRARYPATH environment variable. A local...