Lucene search

86 matches found

OSV
added 2021/06/04 8:15 p.m. | 15 views

CVE-2021-29500

bubble fireworks is an open source Java package relating to Spring Framework. In bubble fireworks before version 2021.BUILD-SNAPSHOT there is a vulnerability in which the package did not properly verify the signature of JSON Web Tokens. This allows forgery of valid JWTs...

CVSS: 7.5 | AI score: 6.7
Exploits: 0 | References: 1
CVE
added 2021/06/04 8:5 p.m. | 132 views

CVE-2021-29500

The CVE-2021-29500 issue affects the bubble-fireworks project (fxbin/bubble-fireworks) in BUILD-SNAPSHOT builds. The root cause is improper verification of JSON Web Token signatures in the library’s JWT handling, which enables forgery of valid JWTs. Affected component: bubble-fireworks-core/JWT v...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.0011
Exploits: 0 | References: 1 | Affected Software: 1
OpenVAS
added 2021/04/21 12:0 a.m. | 26 views

CentOS: Security Advisory for java (CESA-2015:2086)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS: 10 | AI score: 7.4 | EPSS: 0.14942
Exploits: 0 | References: 2
OpenVAS
added 2020/08/08 12:0 a.m. | 27 views

CentOS: Security Advisory for java (CESA-2020:2985)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS: 8.3 | AI score: 6.6 | EPSS: 0.01018
Exploits: 0 | References: 2
OpenVAS
added 2019/10/24 12:0 a.m. | 62 views

CentOS Update for java CESA-2019:3157 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 6.8 | AI score: 6.7 | EPSS: 0.02946
Exploits: 0 | References: 2
OpenVAS
added 2019/10/24 12:0 a.m. | 80 views

CentOS Update for java CESA-2019:3158 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 6.8 | AI score: 6.7 | EPSS: 0.02946
Exploits: 0 | References: 2
Tenable Nessus
added 2019/05/03 12:0 a.m. | 18 views

Fedora 28 : 1:java-1.8.0-openjdk (2019-c701e6605a)

Update to April 2019 CPU. See: http://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-April/009115.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as...

AI score: 5.5
Exploits: 0 | References: 2
OpenVAS
added 2018/12/18 12:0 a.m. | 48 views

CentOS Update for java CESA-2018:3350 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 8.3 | AI score: 7.2 | EPSS: 0.00727
Exploits: 2 | References: 2
Tenable Nessus
added 2018/11/27 12:0 a.m. | 34 views

RHEL 7 : java-1.7.1-ibm (RHSA-2018:3672)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3672 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

CVSS: 8.3 | AI score: 6.7 | EPSS: 0.03717
Exploits: 2 | References: 17
Tenable Nessus
added 2018/07/25 12:0 a.m. | 139 views

Oracle JDeveloper Information Disclosure Vulnerability (July 2018 CPU)

The version of Oracle JDeveloper installed on the remote host is missing a security patch. Please see the vendor advisory for additional information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid111332;...

CVSS: 5 | AI score: 7.4 | EPSS: 0.00972
Exploits: 0 | References: 3
Tenable Nessus
added 2016/08/29 12:0 a.m. | 56 views

Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2016-1776)

The remote Oracle Linux 5 / 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1776 advisory. 1:1.6.0.40-1.13.12.4.0.1 - Add oracle-enterprise.patch 1:1.6.0.40-1.13.12.4 - Bump source tarballs to try and really fix TCK failures this time...

CVSS: 9.6 | AI score: 7.1 | EPSS: 0.07521
Exploits: 0 | References: 6
n0where
added 2016/07/10 2:44 a.m. | 17 views

Detect Shared Passwords: shard

A command line tool to detect shared passwords List available modules: $ java -jar shard-1.0.jar -l Available modules: Facebook LinkedIn Reddit Twitter Instagram Given a username and password shard will attempt to authenticate with multiple sites: $ java -jar shard-1.0.jar -u -p - Tried credentia...

AI score: 0.6
Exploits: 0 | References: 1
OSV
added 2015/12/07 2:11 p.m. | 5 views

SUSE-SU-2015:2216-1 Security update for java-1_7_0-ibm

The java-170-ibm package was updated to version 7.0-9.20 to fix several security and non security issues: - bnc955131: Version update to 7.0-9.20: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844...

CVSS: 10 | AI score: 6.6 | EPSS: 0.91945
Exploits: 0 | References: 32
Fedora
added 2015/10/01 8:27 p.m. | 32 views

[SECURITY] Fedora 21 Update: jakarta-commons-httpclient-3.1-20.fc21

The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of...

CVSS: 4.3 | AI score: 1 | EPSS: 0.01199
Exploits: 0
OpenVAS
added 2015/09/08 12:0 a.m. | 41 views

Amazon Linux: Security Advisory (ALAS-2013-183)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 10 | AI score: 9.1 | EPSS: 0.93397
Exploits: 21 | References: 4
Tenable Nessus
added 2014/11/08 12:0 a.m. | 60 views

RHEL 5 : java-1.4.2-ibm-sap (RHSA-2012:1332)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1332 advisory. IBM J2SE version 1.4.2 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several...

CVSS: 10 | AI score: 8.3 | EPSS: 0.0643
Exploits: 0 | References: 12
OSV
added 2014/02/28 6:57 p.m. | 9 views

MGASA-2014-0109 Updated apache-commons-fileupload package fixes CVE-2014-0050

Updated apache-commons-fileupload packages fix security vulnerability: It was discovered that the Apache Commons FileUpload package for Java could enter an infinite loop while processing a multipart request with a crafted Content-Type, resulting in a denial-of-service condition CVE-2014-0050...

CVSS: 7.5 | AI score: 6.5 | EPSS: 0.92712
Exploits: 8 | References: 5
Tenable Nessus
added 2013/07/12 12:0 a.m. | 26 views

Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2013-0246)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0246 advisory. 1:1.6.0.0-1.33.1.11.6.0.1.el59 - Add oracle-enterprise.patch 1:1.6.0.0-1.33.1.11.6 - removed patch9 revertTwoWrongSecurityPatches2013-02-06.patch - add...

CVSS: 10 | AI score: 7.4 | EPSS: 0.0155
Exploits: 2 | References: 21
OpenVAS
added 2013/03/08 12:0 a.m. | 38 views

CentOS Update for java CESA-2013:0603 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS: 10 | AI score: 8.5 | EPSS: 0.91612
Exploits: 10 | References: 2
OpenVAS
added 2013/02/22 12:0 a.m. | 31 views

CentOS Update for java CESA-2013:0275 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS: 10 | AI score: 6.3 | EPSS: 0.01171
Exploits: 0 | References: 2