Lucene search

449 matches found

Fedora
added 2024/03/23 12:52 a.m. · 18 views

[SECURITY] Fedora 40 Update: clojure-1.11.2-1.fc40

Clojure is a dynamic programming language that targets the Java Virtual Machine. It is designed to be a general-purpose language, combining the approachability and interactive development of a scripting language with an efficient and robust infrastructure for multithreaded programming. Clojure is...

CVSS 7.5 · AI score 6.6 · EPSS 0.00657
Exploits: 1
OpenVAS
added 2024/03/04 12:0 a.m. · 5 views

openSUSE: Security Advisory for java (SUSE-SU-2023:2862-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits: 0 · References: 2
OSV
added 2024/02/17 2:15 a.m. · 1 view

CVE-2024-20903

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.21 and 21.3-21.12. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise...

CVSS 6.5 · AI score 7.3
Exploits: 0 · References: 1
RedHat Linux
added 2024/02/12 10:46 a.m. · 1 view

jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin

A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with...

CVSS 8.8 · AI score 6.1 · EPSS 0.00039
Exploits: 0 · References: 5
BDU FSTEC
added 2024/01/19 12:0 a.m. · 0 views

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, or delete data...

CVSS 6.8 · EPSS 0.0019
Exploits: 0 · References: 3 · Affected Software: 1
AlmaLinux
added 2024/01/17 12:0 a.m. · 122 views

Important: java-17-openjdk security and bug fix update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468, CVE-2024-20918); OpenJDK: incorrect handling of ZIP files with duplica...

CVSS 7.5 · AI score 7.4 · EPSS 0.00319
Exploits: 0 · References: 14
Positive Technologies
added 2024/01/16 12:0 a.m. · 2 views

PT-2024-1150 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.21; Oracle Database Server versions 21.3 through 21.12. Description: The issue is related to insufficient input validation in the Java VM component of Oracle Database Server. This can be exploited...

CVSS 6.8 · AI score 8 · EPSS 0.0019
Exploits: 0 · References: 9
OSV
added 2023/12/20 9:12 p.m. · 14 views

GHSA-3PJV-R7W4-2CF5 Grails data binding causes JVM crash and/or other denial of service

Impact: A specially crafted web request can lead to a JVM crash or denial of service. Any Grails framework application using Grails data binding is vulnerable. Patches: Patches are available for Grails 3 and later. Workarounds: No workaround is possible except to avoid data binding to request data...

CVSS 6.5 · AI score 5.9 · EPSS 0.00544
Exploits: 0 · References: 7
CNNVD
added 2023/12/20 12:0 a.m. · 2 views

Grails Resource Management Error Vulnerability

Grails is a suite of open source frameworks for rapid web application development based on the Groovy programming language from the Grails project. Grails suffers from a resource management error vulnerability that originates from allowing an attacker to cause a denial of service (DOS) to the JVM v...

CVSS 7.5 · AI score 6.6 · EPSS 0.00544
Exploits: 0 · References: 7
Positive Technologies
added 2023/12/07 12:0 a.m. · 4 views

PT-2023-9588 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.24; Oracle Database Server versions 21.3 through 21.15; Oracle Database Server versions 23.4 through 23.5. Description: The issue is related to insufficient protection of internal data due to...

CVSS 3.1 · AI score 7.8 · EPSS 0.00263
Exploits: 0 · References: 9
CNNVD
added 2023/11/15 12:0 a.m. · 1 view

Eclipse OpenJ9 Competition Condition Issue Vulnerability

Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. It is primarily used to run Java applications. A security vulnerability exists in Eclipse OpenJ9 versions prior to 0.41.0, which stems from the fact that if a shutdown signal is received before the JVM completes...

CVSS 5.9 · AI score 9.1 · EPSS 0.00043
Exploits: 0 · References: 7
BDU FSTEC
added 2023/10/20 12:0 a.m. · 0 views

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to read, modify, or delete data using the Oracle Net network protocol...

CVSS 4.3 · EPSS 0.00117
Exploits: 0 · References: 3 · Affected Software: 1
IBM Security Bulletins
added 2023/10/04 7:22 a.m. · 25 views

Security Bulletin: Multiple vulnerabilities in the GSKit builds affect IBM Rational ClearQuest

Summary: There are multiple vulnerabilities in the GSKit, which are used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2023-33850. DESCRIPTION: IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information,...

CVSS 7.5 · AI score 7.8 · EPSS 0.00058
Exploits: 0 · Affected Software: 1
BDU FSTEC
added 2023/07/20 12:0 a.m. · 0 views

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, add, or delete data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read, modify, add, or delete access to data...

CVSS 3.1 · EPSS 0.00162
Exploits: 0 · References: 2 · Affected Software: 1
CNNVD
added 2023/07/18 12:0 a.m. · 3 views

Oracle Database Server Security Vulnerability

Oracle Database Server is a relational database management system from Oracle (United States). The database management system provides data management, distributed processing and other functions. A security vulnerability exists in the Java VM component of Oracle Database Server, whi...

CVSS 3.1 · AI score 6.5 · EPSS 0.00162
Exploits: 0 · References: 2
OSV
added 2023/07/17 3:3 p.m. · 1 view

SUSE-SU-2023:2863-1 Security update for java-1_8_0-ibm

This update for java-1_8_0-ibm fixes the following issues: Updated to Java 8.0 Service Refresh 8 Fix Pack 6 (bsc#1213000): - Fixed issue in Java Virtual Machine where the out-of-memory (OOM) killer terminates the JVM due to failure in control groups detection...

AI score 7.2
Exploits: 0 · References: 2
CNNVD
added 2023/06/15 12:0 a.m. · 1 view

Zimbra Collaboration Suite Command Injection Vulnerability

Zimbra Collaboration Suite (ZCS) is an open source collaboration suite from Zimbra in the United States. The product includes WebMail, Calendar, Address Book and more. A security vulnerability exists in Zimbra Collaboration Suite versions 9.0 and 8.8.15, which stems from a local elevation of...

CVSS 7.8 · AI score 7.5 · EPSS 0.00078
Exploits: 0 · References: 3
BDU FSTEC
added 2023/05/24 12:0 a.m. · 0 views

The vulnerability of the Zimbra Collaboration Suite’s corporate email management system lies in the use of certain JVM arguments within the mail server. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Zimbra Collaboration Suite email management system is related to the use of certain arguments in the Java Virtual Machine (JVM) used by the mail server. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibili...

CVSS 7.5 · EPSS 0.00078
Exploits: 0 · References: 3
BDU FSTEC
added 2023/05/04 12:0 a.m. · 0 views

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, add, or delete data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read, modify, add, or delete access to data...

CVSS 6.8 · EPSS 0.00862
Exploits: 0 · References: 4 · Affected Software: 2
OSV
added 2023/04/18 8:15 p.m. · 1 view

CVE-2023-21934

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having User Account privilege with network access via TLS to compromise Java VM. Successful attacks of this...

CVSS 6.8 · AI score 6.9 · EPSS 0.00862
Exploits: 0 · References: 1