Lucene search
K

164 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.4 views

SUSE CVE-2008-5352

Integer overflow in the JAR unpacking utility unpack200 in the unpack library unpack.dll in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JA...

9.3CVSS7.9AI score0.0306EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.5 views

SUSE CVE-2009-1096

Buffer overflow in unpack200 in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers...

10CVSS8AI score0.08233EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.4 views

SUSE CVE-2009-2675

Integer overflow in the unpack200 utility in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to...

10CVSS7.8AI score0.04324EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.9 views

SUSE CVE-2010-0837

Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

7.5CVSS8.2AI score0.03839EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2020/07/09 12:0 a.m.46 views

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2020:1685-1)

This update for java-180-ibm fixes the following issues : java-180-ibm was updated to Java 8.0 Service Refresh 6 Fix Pack 10 bsc1172277,bsc1169511,bsc1160968 CVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service CVE-2020-2754: Forward...

8.3CVSS6.5AI score0.0623EPSS
Exploits0References27
Tenable Nessus
Tenable Nessus
added 2020/07/09 12:0 a.m.37 views

SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2020:1684-1)

This update for java-180-ibm fixes the following issues : java-180-ibm was updated to Java 8.0 Service Refresh 6 Fix Pack 10 bsc1172277,bsc1169511,bsc1160968 CVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service CVE-2020-2754: Forward...

8.3CVSS6.5AI score0.0623EPSS
Exploits0References27
Veracode
Veracode
added 2020/04/10 12:30 a.m.21 views

Arbitrary Code Execution

java is vulnerable to arbitrary code execution. A remote attacker is able to execute arbitrary using a JAR file using malicious Pack200 headers...

10CVSS6.1AI score0.07099EPSS
Exploits0References47Affected Software2
Tenable Nessus
Tenable Nessus
added 2016/08/12 12:0 a.m.35 views

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-976)

This update for java-170-openjdk fixes the following issues : - Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection...

9.6CVSS6.8AI score0.0669EPSS
Exploits0References23
RedHat Linux
RedHat Linux
added 2013/10/23 4:26 p.m.4 views

OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown...

10CVSS7.4AI score0.03277EPSS
Exploits1References5
OPENSUSE Linux
OPENSUSE Linux
added 2013/03/01 5:5 p.m.60 views

java-1_7_0-openjdk: update to 2.3.6 (critical)

java-170-openjdk was updated to icedtea-2.3.6 bnc803379 containing various security and bugfixes: Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at constructi...

10CVSS0.3AI score0.89987EPSS
Exploits10References1
Tenable Nessus
Tenable Nessus
added 2013/02/22 12:0 a.m.63 views

Oracle Java SE Multiple Vulnerabilities (March 2010 CPU) (Unix)

The version of Oracle formerly Sun Java Runtime Environment JRE installed on the remote host is earlier than 6 Update 19 / 5.0 Update 24 / 1.4.226. Such versions are potentially affected by security issues in the following components : - ImageIO - Java 2D - JRE - Java Web Start, Java Plug-in -...

9.8CVSS8.1AI score0.96319EPSS
Exploits46References30
Tenable Nessus
Tenable Nessus
added 2013/02/21 12:0 a.m.41 views

SuSE 11.2 Security Update : Java 1.6.0 (SAT Patch Number 7332)

java-160-openjdk based on Icedtea6-1.12.2 was released, fixing various security issues : New in release 1.12.2 2012-02-03 : - Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name ...

10CVSS7.4AI score0.08087EPSS
Exploits2References41
OPENSUSE Linux
OPENSUSE Linux
added 2013/02/19 11:4 a.m.55 views

java-1_6_0-openjdk to 1.12.2 (important)

OpenJDK java-160-openjdk was updated to 1.12.2 to fix bugs and security issues bnc801972 Security fixes on top of 1.12.0 - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at...

10CVSS1AI score0.08087EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2013/02/12 12:0 a.m.38 views

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2013:010)

Multiple security issues were identified and fixed in OpenJDK icedtea6 : - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Impro...

10CVSS7.4AI score0.08087EPSS
Exploits2References19
Tenable Nessus
Tenable Nessus
added 2013/02/11 12:0 a.m.38 views

Fedora 17 : java-1.7.0-openjdk-1.7.0.9-2.3.5.3.fc17 (2013-2209)

The update contains the following security fixes : - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Improve thread pool shutdow...

10CVSS7.3AI score0.08087EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2013/02/11 12:0 a.m.43 views

Fedora 16 : java-1.7.0-openjdk-1.7.0.9-2.3.5.3.fc16 (2013-2188)

The update contains the following security fixes : - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Improve thread pool shutdow...

10CVSS7.3AI score0.08087EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2012/01/25 12:0 a.m.278 views

Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : openjdk-6, openjdk-6b18 regression (USN-1263-2) (BEAST)

USN-1263-1 fixed vulnerabilities in OpenJDK 6. The upstream patch for the chosen plaintext attack on the block-wise AES encryption algorithm CVE-2011-3389 introduced a regression that caused TLS/SSL connections to fail when using certain algorithms. This update fixes the problem. We apologize for...

10CVSS8.2AI score0.96714EPSS
Exploits19References15
Ubuntu
Ubuntu
added 2012/01/24 9:7 p.m.93 views

USN-1263-2: OpenJDK 6 regression

USN-1263-1 fixed vulnerabilities in OpenJDK 6. The upstream patch for the chosen plaintext attack on the block-wise AES encryption algorithm CVE-2011-3389 introduced a regression that caused TLS/SSL connections to fail when using certain algorithms. This update fixes the problem. We apologize for...

8.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2012/01/19 12:0 a.m.45 views

RHEL 6 : java-1.6.0-ibm (RHSA-2012:0034)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0034 advisory. The IBM Java SE version 6 release includes the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. This update fixes...

10CVSS7.6AI score0.96714EPSS
Exploits19References40
RedHat Linux
RedHat Linux
added 2012/01/18 7:22 p.m.9 views

OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown...

10CVSS7.4AI score0.03277EPSS
Exploits1References5
Rows per page
Query Builder