106 matches found
EUVD-2015-7128
Malware in sbrugna...
EUVD-2008-2218
Malware in sbrugna...
EUVD-2001-0989
Malware in sbrugna...
EUVD-2004-1747
Malware in sbrugna...
Apache Apisix elevation of privilege vulnerability (CNVD-2025-20873)
Apache Apisix is a cloud-native microservices API gateway service of the U.S. Apache Apache Foundation. The software is based on OpenResty and etcd to realize , with dynamic routing and plug-in hot loading , suitable for microservice system under the API management . An elevation of privilege...
CVE-2025-27446
CVE-2025-27446 affects Apache APISIX (java-plugin-runner) from version 0.2.0 through 0.5.0. The root cause is improper permissions on a local listening file, enabling a local attacker to elevate privileges. The issue’s impact is high (local, user-privilege escalation with high confidentiality/int...
Apache Apisix 安全漏洞
Apache Apisix is a cloud-native microservices API gateway service of the U.S. Apache Apache Foundation. The software is based on OpenResty and etcd to realize , with dynamic routing and plug-in hot loading , suitable for microservice system under the API management . An elevation of privilege...
PT-2025-28065 · Apache · Apache Apisix
Name of the Vulnerable Software and Affected Versions: Apache APISIXjava-plugin-runner versions 0.2.0 through 0.5.0 Description: The issue is related to incorrect permission assignment for critical resources in the Apache APISIX java-plugin-runner, allowing a local attacker to elevate privileges...
CVE-2005-4845
The Java Plug-in 1.4.203 and 1.4.204 controls, and the 1.4.203 and 1.4.204 redirector controls, allow remote attackers to cause a denial of service Internet Explorer crash by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet...
Plugin Framework for Java 路径遍历漏洞
Plugin Framework for Java PF4J is a Java plugin framework open source by PF4J. A security vulnerability exists in Plugin Framework for Java v.3.9.0 and earlier versions, which originated from a vulnerability that could allow a remote attacker to obtain sensitive information and execute arbitrary...
Plugin Framework for Java 路径遍历漏洞
Plugin Framework for Java PF4J is a Java plugin framework open source by PF4J. A security vulnerability exists in Plugin Framework for Java v.3.9.0 and earlier versions, which originated from a vulnerability that allows remote attackers to obtain sensitive information and execute arbitrary code v...
SUSE CVE-2004-1029
The Sun Java Plugin capability in Java 2 Runtime Environment JRE 1.4.201, 1.4.204, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using th...
SUSE CVE-2015-7196
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service incorrect garbage collection and application crash or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript...
[SECURITY] Fedora 29 Update: icedtea-web-1.8-3.fc29
The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...
Java applets bypass CSP protections — Mozilla
Mozilla engineer Matt Wobensmith reported that Content Security Policy CSP does not block the loading of cross-domain Java applets when specified by policy. This is because the Java applet is loaded by the Java plugin, which then mediates all network requests without checking against CSP. This...
Updated iceape packages fix security vulnerabilities
Updated iceape packages fix security issues: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...
Mozilla Firefox and Firefox Java applet code injection vulnerability
Mozilla Firefox is an open source web browser.Firefox ESR is an extended support version of Firefox. A security vulnerability exists in Mozilla Firefox when using the Java plugin, which can be exploited by remote attackers to redistribute a specially crafted Java applet from the in-use JavaScript...
CVE-2015-7196
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service incorrect garbage collection and application crash or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript...
Code injection
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service incorrect garbage collection and application crash or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript...
CVE-2015-7196
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service incorrect garbage collection and application crash or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript...