KLA61443 Multiple vulnerabilities in Oracle Java SE and GraalVM

Multiple vulnerabilities were found in Oracle Java SE and GraalVM. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Code execution vulnerability in CORBA can be exploited to execute arbitrary code...

Denial Of Service (DoS)

log4j:log4j is vulnerable to Denial of Service DoS attacks. The vulnerability is due to the Chainsaw or SocketAppender components processing a logging entry with either a deeply nested hashmap or hashtable, which can lead to memory exhaustion when the object is deserialized. An attacker can submi...

CVE-2023-26464

UNSUPPORTED WHEN ASSIGNED When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted ie, deeply nested hashmap or hashtable depending on which logging component is in use to be processed...

KLA10887 Multiple vulnerabilities in Oracle Java SE

An unspecified vulnerabilities were found in Oracle Java SE. By exploiting this vulnerability malicious users can cause denial of service, affect integrity or obtain sensitive information. This vulnerability can be exploited remotely. Technical details These vulnerabilities are related to 2D, AWT...

VMware ESXi product updates to third party libraries (VMSA-2014-0008)

VMware has updated vSphere third party libraries. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VMSA-2014-0008 : VMware vSphere product updates to third-party libraries

a. vCenter Server Apache Struts Update The Apache Struts library is updated to address a security issue. This issue may lead to remote code execution after authentication. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the identifier CVE-2014-0114 to this issue. b...

VMSA-2014-0002 VMware vSphere updates to third party libraries

VMware has updated vSphere third party libraries. OpenVAS Vulnerability Test $Id: gbVMSA-2014-0002.nasl 6692 2017-07-12 09:57:43Z teissa $ VMSA-2014-0002: VMware vSphere updates to third party libraries Authors: Michael Meyer Copyright: Copyright c 2014 Greenbone Networks GmbH This program is fre...

VMSA-2014-0002 : VMware vSphere updates to third-party libraries

a. DDoS vulnerability in NTP third-party libraries The NTP daemon has a DDoS vulnerability in the handling of the 'monlist' command. An attacker may send a forged request to a vulnerable NTP server resulting in an amplified response to the intended target of the DDoS attack. Mitigation Mitigation...

Oracle JRE/JDK: Multiple vulnerabilities

Background The Oracle Java Development Kit JDK formerly known as Sun JDK and the Oracle Java Runtime Environment JRE formerly known as Sun JRE provide the Oracle Java platform formerly known as Sun Java Platform. Description Multiple vulnerabilities have been reported in the Oracle Java...