The vulnerability of the Fault Management Architecture component of the Oracle Solaris operating system allows a malicious actor to gain read, modify, add, or delete access to data, gain privileged access to infrastructure resources, or cause partial service interruption.
The vulnerability of the Fault Management Architecture component of the Oracle Solaris operating system is related to errors in the code. Exploiting this vulnerability can allow an attacker to gain read, modify, add, or delete data privileges, access privileged infrastructure resources, or cause...
Vulnerability in the Server: Security: Encryption component of the MySQL Server database management system, which allows attackers to cause partial service interruptions.
The vulnerability in the Server: Security: Encryption component of MySQL Server is related to errors in resource release. Exploiting this vulnerability can allow an attacker to cause a partial service outage...
Vulnerability in the Cluster: General component of the MySQL Cluster database management system, which allows attackers to disclose sensitive information or cause partial service interruptions.
The vulnerability in the Cluster: General component of the MySQL Cluster database management system is related to reading data beyond the bounds of a buffer in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information or cause partial service interruptions...
Vulnerability in the Cluster: General component of the MySQL Cluster database management system, which allows attackers to disclose sensitive information and cause partial service interruptions.
The vulnerability in the Cluster: General component of the MySQL Cluster database management system is related to reading data beyond the bounds of a buffer in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information and cause partial service interruptions...
Vulnerability in a Server component of the MySQL Server database management system, which allows an attacker to cause partial service disruption.
The vulnerability in the Server: DDL component of the MySQL Server database management system is related to reading data beyond the bounds of a buffer in memory. Exploiting this vulnerability can allow an attacker to remotely cause a partial service failure...
OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability...
OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability...
OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability...
CVE-2022-0547
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...
OpenVPN authorization issue vulnerability
OpenVPN is a software package from US-based OpenVPN for creating encrypted tunnels for virtual private networks (VPNs). It uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using public keys, electronic certificates, or...
Vulnerability fixed in OpenVPN
A vulnerability has been fixed in OpenVPN. A malicious person who has a user's partial credentials can exploit the vulnerability to bypass authentication. Only systems that use multiple external authentication plug-ins are vulnerable. OpenVPN has released updates to fix the...
SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2022:0871-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0871-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization...
PT-2022-7665 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to the crypto component of the Linux kernel, specifically the qcom-rng module. The generate function in struct rng_alg expects the destination buffer to be...
CVE-2020-14112
Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000...
CLSA-2022-1646060698 Fix of CVE: CVE-2021-31807, CVE-2021-28662, CVE-2021-33620, CVE-2021-28652, CVE-2021-28651, CVE-2021-31808, CVE-2021-31806
CVE-2021-28651: Fix memory leak that perform DoS via buffer-management bug - CVE-2021-28652: Fix cache manager URL parsing that perform DoS via incorrect parser validation - CVE-2021-28662: Add limit HeaderLookupTablet::lookup to BadHdr and specific IDs that perform DoS via certain response...
Oracle Taleo Denial of Service Vulnerability
Oracle Taleo is a powerful standalone talent acquisition suite from Oracle Corporation (USA) for sourcing and hiring the best candidates. A denial of service vulnerability exists in Oracle Talent Acquisition Cloud - Taleo Enterprise Edition, which originates from failure to properly handle incomin...