Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Oracle Java SE Multiple Vulnerabilities (April 2017 CPU) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 6 Update 151, 7 Update 141, or 8 Update 131. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Networking subcomponent that allows an unauthenticated...

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Oracle JRockit R28.3.13 Multiple Vulnerabilities (April 2017 CPU)

The version of Oracle JRockit installed on the remote Windows host is R28.3.13. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the JCE subcomponent that allows a local attacker to gain elevated privileges. CVE-2017-3511 - An unspecified flaw exists in the...

Oracle Java SE Security Updates (cpuapr2017-3236618) 02 - Windows

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:jre"; ifdescription...

Oracle Java SE Security Updates (cpuapr2017-3236618) 01 - Linux

Oracle Java SE is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Oracle Java SE Security Updates (cpuapr2017-3236618) 02 - Linux

Oracle Java SE is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

IBM WebSphere MQ 7.1 < 7.1.0.8 / 7.5 < 7.5.0.7 / 8.0 < 8.0.0.5 Multiple Vulnerabilities

According to its self-reported version, the IBM WebSphere MQ server installed on the remote Windows host is version 7.1 without fix pack 7.1.0.8, 7.5 without fix pack 7.5.0.7, or 8.0 without fix pack 8.0.0.5. It is, therefore, affected by multiple vulnerabilities : - A buffer overflow condition...

OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)

It was discovered that the GCM Galois/Counter Mode implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag...

openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-554)

This update for java-180-openjdk fixes the following security issues - April 2016 Oracle CPU bsc976340 : - CVE-2016-0686: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization. - CVE-2016-0687: Unspecified...

Security update for java-1_8_0-openjdk (important)

This update for java-180-openjdk fixes the following security issues - April 2016 Oracle CPU bsc976340: - CVE-2016-0686: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization. - CVE-2016-0687: Unspecified...

Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2016-688)

It was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. CVE-2016-0686 It was...

Oracle Java SE Unspecified Vulnerability (Apr 2016) - Linux

Oracle Java SE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 6 : java-1.8.0-openjdk (CESA-2016:0651)

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Oracle Java SE Unspecified Vulnerability (Apr 2016) - Windows

Oracle Java SE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:jre"; ifdescripti...

java security update

CentOS Errata and Security Advisory CESA-2016:0651 An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...

CVE-2016-3426

Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE...

Buffer overflow

Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE...

CVE-2016-3426

CVE-2016-3426 is described in connected advisories as an unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 that could allow remote attackers to obtain partial confidentiality via the JCE component. Public feeds reference OpenJDK/OpenJDK-related fixes across multiple distr...

CVE-2016-3426

Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE...