java security update
CentOS Errata and Security Advisory CESA-2015:0809 Updated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System...
Security feature bypass
Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to bypass intended access permissions and obtain sensitive information via...
CVE-2014-8892
CVE-2014-8892 affects IBM SDK/JVM used by Tivoli Storage Productivity Center (IBM Java Technology Edition). The IBM security bulletin describes the vulnerability as a bypass of permission checks under a security manager, potentially allowing untrusted code to view sensitive information. Remediati...
CVE-2014-8891
Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to escape the Java sandbox and execute arbitrary code via unspecified vector...
CVE-2014-8891
CVE-2014-8891 affects IBM SDK, Java Technology Edition (IBM JRE) under multiple releases: 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10. The vulnerability allows remote attackers to escape the Java sandbox and execute arbitrary code through...
JDK: Privilege escalation issue
Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager...
ICU: font parsing OOB read (OpenJDK 2D, 8055489)
A boundary check flaw was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory...
ICU: font parsing OOB read (OpenJDK 2D, 8056276)
A boundary check flaw was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory...
Unspecified Vulnerability in Oracle Database Server OJVM Component
Oracle Database is a large commercial database. An unspecified security vulnerability in the Oracle Database Server OJVM component could be exploited by remote attackers to compromise system confidentiality, integrity, and availability...
CVE-2014-8120
The agent in Thermostat before 1.0.6, when using unspecified configurations, allows local users to obtain the JMX management URLs of all local Java virtual machines and gain privileges via unknown vectors...
Design/Logic Flaw
The agent in Thermostat before 1.0.6, when using unspecified configurations, allows local users to obtain the JMX management URLs of all local Java virtual machines and gain privileges via unknown vectors...
CVE-2014-3086
Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager...
Security feature bypass
Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager...
CVE-2014-3086
CVE-2014-3086 is an IBM Java VM privilege-escalation issue impacting IBM Java SDK/JRE used in IBM WebSphere Real Time and related IBM products. The vulnerability allows untrusted code running under a security manager to escalate privileges, enabling remote code execution under the context of the ...
RHEL 6 / 7 : java-1.7.0-openjdk (RHSA-2014:0889)
The remote Red Hat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0889 advisory. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. It was...