Lucene search
K

10 matches found

RedHat Linux
RedHat Linux
added 2024/11/04 8:13 p.m.4 views

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

7.5CVSS7AI score0.17673EPSS
Exploits2References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/15 8:18 a.m.22 views

Security Bulletin: IBM Operational Decision Manager August 2023 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2022-2047...

9.8CVSS9.2AI score0.17673EPSS
Exploits8Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/09/09 12:0 a.m.47 views

SUSE SLES12: java-1_8_0-ibm / java-1_8_0-ibm-alsa / java-1_8_0-ibm-devel / etc (SUSE-SU-2022:3152-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3152-1 advisory. Note: the issues listed below were NOT fixed with the previous update 8.0-7.11. - Update to Java 8.0 Service Refresh 7 Fix Pack 15...

7.5CVSS6.8AI score0.17673EPSS
Exploits2References14
OpenVAS
OpenVAS
added 2022/09/01 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2022:2949-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.17673EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2022/08/26 12:0 a.m.57 views

SUSE SLES12: java-1_7_1-ibm / java-1_7_1-ibm-alsa / java-1_7_1-ibm-devel / etc (SUSE-SU-2022:2898-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2898-1 advisory. - Updated to Java 7.1 Service Refresh 5 Fix Pack 15 bsc1202427: - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Ja...

7.5CVSS6.8AI score0.17673EPSS
Exploits2References14
Tenable Nessus
Tenable Nessus
added 2022/08/10 12:0 a.m.48 views

SUSE SLED15: java-11-openjdk / java-11-openjdk-accessibility / etc (SUSE-SU-2022:2707-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2707-1 advisory. Update to upstream tag jdk-11.0.16+8 July 2022 CPU - CVE-2022-21540: Improve class compilation...

7.5CVSS6.8AI score0.17673EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2022/08/02 12:0 a.m.44 views

SUSE SLES12: java-11-openjdk / java-11-openjdk-demo / java-11-openjdk-devel / etc (SUSE-SU-2022:2610-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2610-1 advisory. Update to upstream tag jdk-11.0.16+8 July 2022 CPU - CVE-2022-21540: Improve class compilation bsc1201694 - CVE-2022-21541: Enhance...

7.5CVSS6.8AI score0.17673EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2022/07/27 12:0 a.m.53 views

Debian DSA-5192-1 : openjdk-17 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5192 advisory. Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java...

7.5CVSS7AI score0.17673EPSS
Exploits2References11
Amazon
Amazon
added 2022/07/20 12:0 a.m.154 views

Important: java-17-amazon-corretto

Issue Overview: Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an arbitrary class. CVE-2022-21541 computeNextExponential sometimes returns negative numbers...

7.5CVSS7.9AI score0.17673EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2022/07/04 12:0 a.m.7 views

PT-2022-3956

Name of the Vulnerable Software and Affected Versions Apache Xalan Java XSLT library versions prior to 2.7.3 Description The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generat...

7.8CVSS7.4AI score0.17673EPSS
Exploits2References405
Rows per page
Query Builder