14 matches found
EUVD-2021-16096
Malware in sbrugna...
PerfreeBlog Security Vulnerability
PerfreeBlog is an open-source, Java-based blog/CMS builder. A security vulnerability exists in PerfreeBlog version 4.0.11, which stems from the use of hard-coded encryption keys...
USN-7481-1: OpenJDK 11 vulnerabilities
Alicja Kario discovered that the JSSE component of OpenJDK 11 incorrectly handled RSA padding. An attacker could possibly use this issue to obtain sensitive information. (CVE-2025-21587) It was discovered that the Compiler component of OpenJDK 11 incorrectly handled compiler transformations. An...
USN-7099-1: OpenJDK 21 vulnerabilities
Andy Boothe discovered that the Networking component of OpenJDK 21 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21208) It was discovered that the Hotspot component of OpenJDK 21 did not...
FlyCms Security Vulnerability
FlyCms is an open-source application by sunkaifei: a Zhihu-like, Q&A-based social networking site builder developed in Java and fully open source. FlyCms has a security vulnerability; the vulnerability stems from the /system/score/scorerulesave location cross-site request...
FlyCms Security Vulnerability
FlyCms is an open-source application by sunkaifei: a Zhihu-like, Q&A-based social network building program developed in Java and fully open source. FlyCms has a cross-site request forgery vulnerability; the vulnerability stems from the fact that the /system/admin/addgroupsave location does not...
Command execution vulnerability exists in XStream (CNVD-2021-40248)
XStream is an open-source Java class library mainly used to serialize objects into XML/JSON or to deserialize objects. A command execution vulnerability exists in XStream. An attacker could exploit the vulnerability to execute arbitrary code in the context of an affected application run by ...
Arbitrary File Read Vulnerability in PublicCMS
Public CMS is an open-source Java CMS product developed with mainstream 2020 technology; it is a content management system that supports full-site static generation, SSI, partial static generation of dynamic pages, multi-site operation, automatic installation and other features. PublicCMS has an arbitrary file read...
OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274)
A flaw was found in the way the readObject method of the MethodType class in the Libraries component of OpenJDK checked argument types. This flaw allows an untrusted Java application or applet to bypass Java sandbox restrictions...
USN-3949-1: OpenJDK 11 vulnerability
It was discovered that a memory disclosure issue existed in the OpenJDK Library subsystem. An attacker could use this to expose sensitive information and possibly bypass Java sandbox restrictions. (CVE-2019-2422) Please note that with this update, the OpenJDK package in Ubuntu 18.04 LTS has...
USN-3735-1: OpenJDK 7 vulnerability
It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to potentially construct a class that caused a denial of service (excessive memory consumption)...
USN-3734-1: OpenJDK 8 vulnerability
It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to possibly construct a class that caused a denial of service (excessive memory consumption)...
USN-2885-1: OpenJDK 6 vulnerabilities
Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-0483, CVE-2016-0494) A...
USN-1908-1: OpenJDK 6 vulnerabilities
Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-1500, CVE-2013-2454, CVE-2013-2458) A vulnerability was discovered in the OpenJDK Javadoc related to...