5550 matches found
OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)
Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...
OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to...
OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to...
OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)
Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...
OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2020-1365)
The version of java-1.7.0-openjdk installed on the remote host is prior to 1.7.0.261-2.6.22.1.83. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1365 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization...
Important: java-1.7.0-openjdk
Issue Overview: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with networ...
Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2020-1421)
The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.252.b09-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1421 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization...
Huawei AR3200 Authorization Issue Vulnerability
The Huawei AR3200 is an enterprise router from Huawei China. An authorization issue vulnerability exists in the Huawei AR3200, which can be exploited by an attacker to gain partial privileges on the device...
Debian: Security Advisory (DLA-2196-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...
Updated virtualbox packages fix security vulnerabilities
This update provides the upstream 6.0.20 adding support for kernel 5.6 series and fixes the following security vulnerabilities: Oracle VM VirtualBox before 6.0.20 has an easily exploitable vulnerability that allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualB...
OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to...
OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl...