22 matches found
CVE-2024-35161
Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4...
CVE-2024-35161 Apache Traffic Server: Incomplete check for chunked trailer section allows request smuggling
Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4...
CVE-2021-26623
A remote code execution vulnerability due to incomplete check for 'xheaderdecodepathrecord' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function...
Remote code execution
A remote code execution vulnerability due to incomplete check for 'xheaderdecodepathrecord' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function...
CVE-2021-1522 Cisco Connected Mobile Experiences Strong Authentication Requirements Enforcement Bypass
A vulnerability in the change password API of Cisco Connected Mobile Experiences CMX could allow an authenticated, remote attacker to alter their own password to a value that does not comply with the strong authentication requirements that are configured on an affected device. This vulnerability...
Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CentOS 8 : java-11-openjdk (CESA-2020:4305)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4305 advisory. - OpenJDK: High memory usage during deserialization of Proxy class with many interfaces Serialization, 8236862 CVE-2020-14779 - OpenJDK: Credentials se...
CentOS 8 : java-1.8.0-openjdk (CESA-2020:4347)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4347 advisory. - OpenJDK: High memory usage during deserialization of Proxy class with many interfaces Serialization, 8236862 CVE-2020-14779 - OpenJDK: Credentials se...
RHEL 7 : java-1.7.1-ibm (RHSA-2020:5586)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5586 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...
CentOS 7 : java-11-openjdk (RHSA-2020:4307)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4307 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE:...
RHEL 8 : java-1.8.0-openjdk (RHSA-2020:4352)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4352 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Authorization Bypass
OpenJDK is vulnerable to authorization bypass. The vulnerability exists through incomplete check for invalid characters in URI to path conversion...
Moderate: Red Hat Security Advisory: java-11-openjdk security and bug fix update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
Moderate: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
RHEL 8 : java-11-openjdk (RHSA-2020:4305)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4305 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...
CVE-2017-7300
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read off-by-one because of an incomplete check for invalid string offsets while loading symbols, leading to a GN...
Heap overflow
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read off-by-one because of an incomplete check for invalid string offsets while loading symbols, leading to a GN...
CVE-2017-7300
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read off-by-one because of an incomplete check for invalid string offsets while loading symbols, leading to a GN...