5576 matches found
Medium: java-11-openjdk
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Utility. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2...
CVE-2023-34196
In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates attributes and public keys to unauthenticated or less privileged users may...
CVE-2023-34196
In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates attributes and public keys to unauthenticated or less privileged users may...
PT-2023-24731 · Keyfactor · Keyfactor Ejbca
Name of the Vulnerable Software and Affected Versions: Keyfactor EJBCA versions prior to 8.0.0 Description: The issue is related to an authentication problem in the RA web certificate distribution servlet, specifically at the "/ejbca/ra/cert" endpoint. This can lead to a partial denial of service...
The vulnerability of the Utility component of the Java SE software platform and the Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK virtual machines allows attackers to cause partial service interruptions.
The vulnerability of the Utility component of the Java SE software platform and the Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK virtual machines is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to cause partial service disruption...
Lack of protection when caling CusdcV3Wrapper._withdraw
Lines of code Vulnerability details Impact When unwrapping the wComet to its rebasing comet, users with an equivalent amount of wComet invoking CusdcV3Wrapper.withdraw at around the same time could end up having different percentage gains because comet is not linearly rebasing. Moreover, the...
The vulnerability of the Repository component of the Oracle Hyperion Financial Reporting application, which allows a perpetrator to gain unauthorized access to protected information or cause partial service failure.
The vulnerability of the Repository component in Oracle Hyperion Financial Reporting’s budget management automation processes is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or cause a...
The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software platform allows a perpetrator to cause a partial service outage.
The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to cause a partial service outage...
The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software platform allows a perpetrator to cause a partial service outage.
The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to cause a partial service outage...
User can drain all locked tokens during withdrawal and still retain their voting power
Lines of code Vulnerability details Impact In the NFTBaseVault.sol contract, a user can decide to withdraw all locked tokens by calling the withdraw... function until all locked funds are drained and the still retain their voting power. Proof of Concept if a user malicious or not decides not to...
OpenJDK: ZIP file parsing infinite loop (8302483)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Utility. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM...
AlmaLinux 8 : java-11-openjdk (ALSA-2023:4175)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4175 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Networking. Supporte...
OpenJDK: ZIP file parsing infinite loop (8302483)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Utility. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM...
OpenJDK: ZIP file parsing infinite loop (8302483)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Utility. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM...
OpenJDK: ZIP file parsing infinite loop (8302483)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Utility. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM...
OpenJDK: ZIP file parsing infinite loop (8302483)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Utility. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM...
OpenJDK: ZIP file parsing infinite loop (8302483)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Utility. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM...
OpenJDK: ZIP file parsing infinite loop (8302483)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Utility. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM...
Unspecified Vulnerability in Oracle Application Expresses (CNVD-2023-78671)
Oracle Application Express is the United States Oracle Oracle, a low-code development platform. A security vulnerability in Application Express Administration in Oracle Application Express can be exploited by an attacker to cause unauthorized update, insertion, or deletion access to certain...
OpenJDK: ZIP file parsing infinite loop (8302483)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Utility. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM...