Eclipse OpenJ9 缓冲区错误漏洞

Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A buffer overflow vulnerability exists in Eclipse OpenJ9 versions prior to 0.23, which stems from a stack-based buffer overflow that can occur when the virtual machine ...

CVE-2021-1993

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Java VM...

Oracle Database Server 授权问题漏洞

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in the Java VM component of Oracle Database Server. An...

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2021:0032-1)

This update for java-180-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 20 bsc1180063,bsc1177943 CVE-2020-14792 CVE-2020-14797 CVE-2020-14781 CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803 - Class libraries : - SOCKETADAPTOR$SOCKETINPUTSTREAM.READ is...

SUSE-SU-2021:0032-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 20 bsc1180063,bsc1177943 CVE-2020-14792 CVE-2020-14797 CVE-2020-14781 CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803 Class libraries: - SOCKETADAPTOR$SOCKETINPUTSTREAM.READ is...

SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2020:3932-1)

This update for java-180-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 20 bsc1180063,bsc1177943 CVE-2020-14792 CVE-2020-14797 CVE-2020-14781 CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803 - Class libraries : - SOCKETADAPTOR$SOCKETINPUTSTREAM.READ is...

Security Bulletin: Multiple vulnerabilities in the IBM Java Runtime affect IBM Rational ClearQuest

Summary There are multiple vulnerabilities in the IBM® Runtime Environment Java™ Versions 7 and 8, which are used by IBM Rational ClearQuest. These issues were disclosed in the IBM Java SDK updates in July 2020. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details CVEI...

The vulnerability of the Java VM component of the Oracle Database Server database management system allows attackers to compromise the integrity of the protected information.

The vulnerability of the Java VM component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2020:2461-1)

This update for java-180-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 - Class Libraries : -...

SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2020:2453-1)

This update for java-180-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 - Class Libraries : -...

SUSE-SU-2020:2461-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: -...

SUSE-SU-2020:2453-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: -...

The vulnerability of the Java VM component of the Oracle Database Server database management system allows a hacker to gain full control over the application.

The vulnerability of the Java VM component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain full control over the application...

The vulnerability of the Java VM component of the Oracle Database Server database management system allows a hacker to gain full control over the application.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain full control over the application using the Oracle Net network protocol...

LY Corporation: Spring Actuator endpoints publicly available, leading to account takeover

Due to insufficient access controls, it was possible to access the Spring Boot Actuator endpoints /heapdump and /env. The /heapdump endpoint leaks data from the Java Virtual Machine, leading to disclosure of admin credentials, user tokens and a combination of other data. This endpoint was not...

Arbitrary Code Execution

openjdk is vulnerable to arbitrary code execution. A flaw was found in the HotSpot component in OpenJDK. Certain bytecode instructions confused the memory management within the Java Virtual Machine JVM, which could lead to heap corruption...

CVE-2020-11450

Microstrategy Web 10.4 exposes the JVM configuration, CPU architecture, installation folder, and other information through the URL /MicroStrategyWS/happyaxis.jsp. An attacker could use this vulnerability to learn more about the environment the application is running in. This issue has been...

CVE-2020-4325

The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. As a consequence, the Java Virtual Machine can't recover the...

Java Debug Wire Protocol (JDWP) Service Detection (TCP)

TCP based detection of services supporting the Java Debug Wire Protocol JDWP. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain full control over the application.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain full control over the application by using network protocols...