Arbitrary Command Execution Vulnerability in Multiple Vmware Products

VMware vCenter Server and others are products of VMware. vCenter Server is a suite of server and virtualization management software. The software provides a centralized platform for managing VMware vSphere environments that automates the implementation and delivery of virtual infrastructure. vClo...

Juniper Networks Junos Space Multiple Vulnerabilities (JSA10727)

Juniper Networks Junos Space is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

VulnCheck KEV: CVE-2015-2590

An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution...

Oracle Java Runtime Environment ShortComponentRaster.verify Memory Corruption - Ver2 (CVE-2013-2472)

A memory corruption vulnerability exists in Oracle's Java Runtime. The vulnerability is due to insufficient input validation on ShortComponentRaster.verify method parameters which will lead to bypassing of "dataOffsets0" boundary checks when the "numDataElements" field is 0. A remote attacker can...

RHEL 6 : java-1.8.0-oracle (RHSA-2015:0080) (POODLE)

Updated java-1.8.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...

Unspecified Arbitrary Code Execution Vulnerability in Oracle Java SE RMI Subware

Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE RMI subcomponent, which allows an unauthenticated attacker to exploit the vulnerability to attack over multiple...

ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities

ESA-2014-071.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities EMC Identifier: ESA-2014-071 CVE Identifier: CVE-2014-2517, CVE-2014-2505, CVE-2014-0640, CVE-2014-0641 Severity Rating: CVSS v2 Base Score: See below for individual scor...

RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412)

Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Oracle Java TTF Font Parsing Heap Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

Critical: Red Hat Security Advisory: java-1.7.0-oracle security update

Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

JDK: unspecified vulnerability fixed in 6u41 and 7u15 (Deployment)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment...

OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...

OpenJDK: GnomeFileTypeDetector path access check (Libraries, 8004288)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not...

VMware vCenter Server Multiple Vulnerabilities (VMSA-2012-0005)

The version of VMware vCenter Server installed on the remote host is 4.0 before Update 4a, 4.1 before Update 3, or 5.0 before Update 1. As such it is potentially affected by multiple vulnerabilities in the embedded Apache Tomcat server and the Oracle Sun Java Runtime Environment. C Tenable Networ...

OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability v...

ICU: Layout Engine font processing errors (JDK 2D, 8001031)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous...

Oracle Java Runtime Environment 'Reflection API'任意代码执行漏洞

Oracle Java Runtime Environment是一款为JAVA应用程序提供可靠的运行环境的解决方案。 Oracle Java SE 7包括最近发布的1.7.021-b11存在一个安全漏洞，允许远程攻击者利用漏洞绕过Java安全沙盒，并以WEB浏览器上下文执行任意代码。 要成功利用此漏洞需要用户有一定的交互，如在显示安全警告窗口时需要用户接受执行潜在恶意Java应用的风险。 根据研究者声称，此漏洞还影响Server JRE 7。 0 Oracle Java SE 7及之前版本 厂商解决方案 目前没有详细解决方案提供： http://www.oracle.com...

Critical: Red Hat Security Advisory: java-1.6.0-sun security update

Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors relate...

Oracle Java Runtime Environment CVE-2013-2423 Security Bypass Vulnerability

Description Oracle Java Runtime Environment is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass sandbox protection and perform unauthorized actions in the context of the application. This vulnerability affects the following supported versions: 7 Update 17 and...