Security Bulletin: Java Platform Standard Edition Vulnerability in Multiple N Series Products (CVE-2016-0636)

Summary Multiple N Series Products incorporate the Oracle Java Platform, Standard Edition Java SE software libraries. Java SE versions 7u97, 8u73 and 8u74 are susceptible to a vulnerability, potentially leading to an unauthorized Operating System takeover including arbitrary code execution...

Security Bulletin: Java Platform Standard Edition Vulnerability in Multiple N Series Products (CVE-2016-0603)

Summary Multiple N Series Products incorporate the Oracle Java Platform, Standard Edition Java SE software libraries. Java SE JDK and JRE versions below6u113, 7u97 or 8u73 are susceptible to a vulnerability potentially leading to an unauthorized Operating System takeover. Vulnerability Details...

Security Bulletin: October 2015 Java Platform Standard Edition Vulnerabilities in Multiple N Series Products

Summary Multiple N Series Products incorporate the Oracle Java Platform, Standard Edition Java SE software libraries. Java SE JDK and JRE versions below 8u65, 7u91 and 6u105 and OpenJDK versions below 1.7.0.91 and 1.8.0.65 are susceptible to multiple vulnerabilities, potentially leading to an...

Security Bulletin: July 2015 Java Platform Standard Edition Vulnerabilities in Multiple N series Products

Summary Multiple N series products incorporate the Oracle Java Platform, Standard Edition Java SE software libraries. Java SE JDK and JRE versions below 8u51, 7u85 and 6u101 and OpenJDK versions below 1.7.0.85 and 1.8.0.51 are susceptible to multiple vulnerabilities, potentially leading to an...

Security Bulletin: April 2015 Java Platform Standard Edition Vulnerabilities in Multiple N series Products

Summary Multiple N series products incorporate the Oracle Java Platform, Standard Edition Java SE software libraries. Java SE JDK and JRE versions below 8u45, 7u79 and 6u95 and OpenJDK versions below 1.7.0.79 are susceptible to multiple vulnerabilities, potentially leading to an unauthorized...

SearchBlox 8.6.6 - Cross-Site Request Forgery Vulnerability

Exploit for java platform in category web applications Exploit Title: CSRF Privilege Escalation Creation of an administrator account on SearchBlox 8.6.6 Exploit Author: Canberk BOLAT, Ahmet GÜREL Software Link: https://www.searchblox.com/ Version: = SearchBlox Version 8.6.6 Platform: Java Tested...

OpenJDK: insufficient consistency checks in deserialization of multiple classes (Security, 8189977)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker wi...

Oracle Java SE and Java SE Embedded Remote Vulnerability

Oracle Java SE and Java SE Embedded are both products of Oracle Corporation. Java SE Java Platform Standard Edition is used to develop and deploy Java applications for desktops, servers, as well as embedded devices and real-time environments; Java SE Embedded is a Java platform for the developmen...

OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...

OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass (Hotspot, 8192025)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

OpenJDK: unrestricted deserialization of data from JCEKS key stores (Security, 8189997)

Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java...

OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

OpenJDK: unbounded memory allocation during deserialization in StubIORImpl (Serialization, 8192757)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attack...

OpenJDK: unrestricted deserialization of data from JCEKS key stores (Security, 8189997)

Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java...

OpenJDK: unbounded memory allocation during deserialization in Container (AWT, 8189989)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2018-2790

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

Unspecified Vulnerability in Oracle Java SE and Java SE Embedded (CNVD-2018-09066)

Java SE is short for Java Platform Standard Edition, which is used to develop and deploy Java applications for desktops, servers, as well as embedded devices and real-time environments.Java SE Embedded is based on Java SE and provides specific features and support for embedded systems. An...

Oracle Java SE and JRockit have unspecified vulnerabilities (CNVD-2018-09073)

Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments. Java SE Embedded is based on Java SE and offers specific features and support for embedded systems. the JRockit family of...

Debian: Security Advisory (DSA-4144-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...