Moderate: Red Hat Security Advisory: libreoffice security update
An update for libreoffice is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fro...
Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
Design/Logic Flaw
The PingFederate Administrative Console dependency contains a weakness where the console becomes unresponsive with crafted Java class loading enumeration requests...
CVE-2023-39219 Admin Console Denial of Service via Java class enumeration
The PingFederate Administrative Console dependency contains a weakness where the console becomes unresponsive with crafted Java class loading enumeration requests...
PT-2023-26837 · Ping Identity · PingFederate Administrative Console
Name of the Vulnerable Software and Affected Versions: PingFederate Administrative Console (affected versions not specified). Description: The issue is related to a weakness in the PingFederate Administrative Console dependency, where the console becomes unresponsive due to crafted Java class loadin...
Ping Identity PingFederate Resource Management Error Vulnerability
Ping Identity PingFederate is a flagship software-based federation server in the United States, used for identity management. A security vulnerability exists in Ping Identity PingFederate that stems from the management console not responding to a request for a carefully crafted Java class load...
PyTorch Model Server Registration and Deserialization RCE
The PyTorch model server contains multiple vulnerabilities that can be chained together to permit an unauthenticated remote attacker arbitrary Java code execution. The first vulnerability is that the management interface is bound to all IP addresses and not just the loopback interface as the...
bcel security update
CentOS Errata and Security Advisory CESA-2022:8958. An update for bcel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Arbitrary Code Injection
Apache OpenOffice is vulnerable to Arbitrary Code Injection. The vulnerability exists because the Java class path is not properly configured, which allows an attacker to inject and execute arbitrary code...
Apache OpenOffice < 4.1.14 Multiple Vulnerabilities (macOS)
The version of Apache OpenOffice installed on the remote host is a version prior to 4.1.14. It is, therefore, affected by multiple vulnerabilities:
- libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. (CVE-2022-40674)
- Apache OpenOffice versions before 4.1.14 may b...
Apache OpenOffice Code Issue Vulnerability
Apache OpenOffice is an open source office software suite from the U.S. Apache Foundation. The suite contains text documents, spreadsheets, presentations, drawings, databases and so on. A code issue vulnerability exists in Apache OpenOffice versions prior to 4.1.14, which stems from th...
The vulnerability of the Apache OpenOffice office software lies in the ability to add empty records to the Java class path, allowing an attacker to execute arbitrary code.
The vulnerability of the Apache OpenOffice office software lies in the ability to add empty records to the path of a Java class. Exploiting this vulnerability allows an attacker to execute arbitrary code by loading a specially crafted Java file remotely...
CVE-2022-38745
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to running arbitrary Java code from the current directory...
CVE-2022-38745 Apache OpenOffice: Empty entry in Java class path
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to running arbitrary Java code from the current directory...
PT-2023-1972 · Apache +6 · Apache OpenOffice +7
Name of the Vulnerable Software and Affected Versions: Apache OpenOffice versions before 4.1.14. Description: The issue is related to the possibility of adding an empty entry to the Java class path in Apache OpenOffice. This could allow a remote attacker to execute arbitrary Java code from the...
K42795243: Apache Xalan Java Library vulnerability CVE-2022-34169
Security Advisory Description: The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Jav...
Important: Red Hat Security Advisory: bcel security update
An update for bcel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...