20 matches found
OPENSUSE-SU-2026:10726-1 java-1_8_0-openj9-1.8.0.492-1.1 on GA media
These are all security issues fixed in the java-1_8_0-openj9-1.8.0.492-1.1 package on the GA media of openSUSE Tumbleweed...
java-1_8_0-openj9-1.8.0.482-1.1 on GA media (moderate)
java-1_8_0-openj9-1.8.0.482-1.1 on GA media Announcement ID: openSUSE-SU-2026:10135-1 Rating: moderate Cross-References: CVE-2026-21925 CVE-2026-21933 CVSS scores: CVE-2026-21925 SUSE: 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-21933 SUSE: 6.1...
MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.382.b05-1.el7 (AXSA:2023-6248:13)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6248:13 advisory. OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 OpenJDK: array indexing integer overflow issue 83044...
OPENSUSE-SU-2025:15079-1 java-1_8_0-openj9-1.8.0.452-1.1 on GA media
These are all security issues fixed in the java-1_8_0-openj9-1.8.0.452-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:10197-1 java-1_8_0-openjdk-1.8.0.111-1.1 on GA media
These are all security issues fixed in the java-1_8_0-openjdk-1.8.0.111-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE-SU-2023:4572-1 Security update for java-1_8_0-ibm
This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 8 Fix Pack 15: Oracle October 17 2023 CPU bsc1216640 Security fixes: - CVE-2023-22081: Fixed enhanced TLS connections bsc1216374 - CVE-2023-22067: Fixed IOR deserialization issue in CORBA bsc1216379 -...
[SECURITY] Fedora 38 Update: java-1.8.0-openjdk-1.8.0.382.b05-2.fc38
The OpenJDK 8 runtime environment...
CVE-2023-28462
A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 Enterprise, 5.20.0 and newer Enterprise, and 5.2020.1 and newer Community, when Java 1.8u181 and earlier is used, allows remote attackers to load malicious code on the server once a JNDI directory scan is performed...
Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21426, CVE-2022-21496
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u332-b09. That fixes following CVEs: - CVE-2022-21476: Defective secure validation in Apache Santuario - CVE-2022-21496: URI parsing inconsistencies - CVE-2022-21434: Improper object-to-string conversion in AnnotationInvocationHandler -...
SUSE: Security Advisory (SUSE-SU-2016:1475-1)
The remote host is missing an update for the...
SAP Solution Manager remote unauthorized OS commands execution
This module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet tcsmdagentapplicationeem of SAP Solution Manager SolMan running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get...
SAP Solution Manager 7.2 Remote Command Execution Exploit
This Metasploit module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet of SAP Solution Manager SolMan running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get information abou...
H2 Database 1.4.199 - JNI Code Execution Vulnerability
Exploit Title: H2 Database 1.4.199 - JNI Code Execution Exploit Author: 1F98D Original Author: Markus Wulftange Vendor Homepage: https://www.h2database.com/ Tested on: Windows 10 x64, Java 1.8, H2 1.4.199 References:...
SUSE-SU-2020:1569-2 Security update for java-1_8_0-openjdk
This update for java-1_8_0-openjdk to version jdk8u252 fixes the following issues: - CVE-2020-2754: Forward references to Nashorn bsc1169511 - CVE-2020-2755: Improve Nashorn matching bsc1169511 - CVE-2020-2756: Better mapping of serial ENUMs bsc1169511 - CVE-2020-2757: Less Blocking Array Queues...
ModbusPal 1.6b - XML External Entity Injection
ModbusPal 1.6b - XML External Entity Injection + Exploit Title: ModbusPal XXE Injection + Date: 05-08-2018 + Exploit Author: Trent Gordon + Vendor Homepage: http://modbuspal.sourceforge.net/ + Software Link: https://sourceforge.net/projects/modbuspal/files/latest/download?source=files + Version:...
Ping Identity: Server-Side Request Forgery on SAML Application - Import via URL
Summary == The My Applications feature on PingOne Identity admin allows you to add new SAML applications to your account. One feature allows you to import metadata via URI instead of via upload. This uses Java 1.8 to make an external web request to the URI supplied. Typically this is hard to...
SweetSecurity - Network Security Monitoring on Raspberry Pi type devices
Scripts to setup and install Bro IDS, Elasticsearch, Logstash, Kibana, and Critical Stack on any device. Getting Sweet Security Either download the Github repository manually, or clone the repo with the following command: $ git clone https://github.com/travisfsmith/sweetsecurity Prerequisites Mos...
file security, bug fix, and enhancement update
5.04-30 - fix CVE-2014-3538 unrestricted regular expression matching 5.04-29 - fix 1284826 - try to read ELF header to detect corrupted one 5.04-28 - fix 1263987 - fix bugs found by coverity in the patch 5.04-27 - fix CVE-2014-3587 incomplete fix for CVE-2012-1571 - fix CVE-2014-3710 out-of-bound...
OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution
Summary The OpenWGA Developer Studio packages an OpenWGA CMS server together with all necessary development and deployment tools to create, develop, deploy, share and maintain your OpenWGA CMS applications. Description The application suffers from an arbitrary code execution vulnerability when...
Lobotomy - Android Reverse Engineering Framework & Toolkit
Lobotomy is an Android security toolkit that will automate different Android assessments and reverse engineering tasks. The goal of the Lobotomy toolkit is to provide a console environment, which would allow a user to load their target Android APK once, then have all the necessary tools without...