OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression (JAXP, 8224532)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn (Scripting, 8223518)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVE-2019-18672

Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow a partial reset of cryptographic secrets to known values via crafted messages. Notably, this breaks the security of U2F for new server registrations and invalidates existing...

OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

OpenJDK: Unexpected exception thrown during Font object deserialization (Serialization, 8224915)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression (JAXP, 8224532)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2019-2920

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/ODBC. Supported versions that are affected are 5.3.13 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL...

The vulnerability of the faces/context/PartialViewContextImpl.java component in the Eclipse Mojarra library, which implements Mojarra JavaServer Faces and Eclipse EE4J specifications, allows attackers to perform cross-site scripting attacks.

The vulnerability of the faces/context/PartialViewContextImpl.java component in the Eclipse Mojarra library, as a implementation of Mojarra JavaServer Faces and Eclipse EE4J specifications, is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerabili...

RHEL 8 : GNOME (RHSA-2019:3553)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3553 advisory. GNOME is the default desktop environment of Red Hat Enterprise Linux. Security Fixes: evince: uninitialized memory use in function...

CVE-2017-10281

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacke...

Kernel: net: weak IP ID generation leads to remote device tracking

A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe a weak IP ID generation in this field to track Linux devices...

The vulnerability of the 2D software platforms Oracle Java SE and Oracle Java SE Embedded allows a attacker to cause partial service disruption.

The vulnerability of the 2D software platforms Oracle Java SE and Oracle Java SE Embedded is caused by a numerical overflow. Exploiting this vulnerability can allow an attacker to cause a partial service failure...