Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2022-1195)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2022-1169)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...

Unspecified Vulnerability in Oracle Solaris (CNVD-2022-36957)

Oracle Solaris is a set of UNIX operating systems from Oracle. Oracle Solaris has a security vulnerability that could allow a low-privileged attacker to compromise Oracle Solaris by logging on to the infrastructure that executes Oracle Solaris.A successful attack would require human-computer...

util-linux 安全漏洞

util-linux is an open source package. util-linux suffers from a security vulnerability that stems from the partial disclosure of arbitrary files in CHFN and CHSH when Util-linux is compiled with libreadline. No detailed vulnerability details are available...

GHSA-WCV5-VRVR-3RX2 Integer Overflow or Wraparound in TensorFlow

Impact The Grappler component of TensorFlow is vulnerable to a denial of service via CHECK-failure assertion failure in constant folding: cc for const auto& outputprop : outputprops const PartialTensorShape outputshapeoutputprop.shape; // ... The outputprop tensor has a shape that is controlled b...

Rocky Linux 8 : java-1.8.0-openjdk (RLSA-2021:3893)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3893 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Ja...

AlmaLinux 8 : libdb (ALSA-2021:1675)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1675 advisory. - Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32...

PYSEC-2022-146

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that TensorByteSize would trigger CHECK failures. TensorShape constructor throws a CHECK-fail if shape is partial or has a number of elements that would overflow t...

PYSEC-2022-146

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that TensorByteSize would trigger CHECK failures. TensorShape constructor throws a CHECK-fail if shape is partial or has a number of elements that would overflow t...

CVE-2022-23582

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that TensorByteSize would trigger CHECK failures. TensorShape constructor throws a CHECK-fail if shape is partial or has a number of elements that would overflow t...

OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacke...

Denial Of Service (DoS)

openjdk is vulnerable to denial of service. It allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of servi...

Denial Of Service (DoS)

openjdk is vulnerable to denial of service. The vulnerability exists because of untrusted code which allows unauthenticated attacker with network access via multiple protocols to cause a partial denial of service...

OpenLevV1 runs price update for UniV2Class DEXes only

Handle hyh Vulnerability details Impact If the price currently recorded by the system is outdated, the marginTrade and liquidate functions will use a stale price if being run with V3 dexData, which is what system allows. A malicious user can act on a stale price observation, using trade opening a...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2022-0306)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0306 advisory. 1:1.8.0.322.b06-1 - Update to aarch64-shenandoah-jdk8u322-b06 EA - Update release notes for 8u322-b06. - Switch to GA mode for final release. - Require...

Mageia: Security Advisory (MGASA-2021-0057)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability...