5549 matches found
OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated...
ALPINE-CVE-2018-0498
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery for a CBC based ciphersuite via a cache-based side-channel attack...
UBUNTU-CVE-2018-0497
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery for a CBC based ciphersuite via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix with a wrong SHA-384 calculation for CVE-2013-0169...
DEBIAN-CVE-2018-0497
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery for a CBC based ciphersuite via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix with a wrong SHA-384 calculation for CVE-2013-0169...
ALPINE-CVE-2018-0497
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery for a CBC based ciphersuite via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix with a wrong SHA-384 calculation for CVE-2013-0169...
CVE-2018-0497
CVE-2018-0497 affects ARM mbed TLS prior to 2.12.0, prior to 2.7.5, and prior to 2.1.14. It enables remote partial plaintext recovery in CBC-based ciphersuites via a timing-based side-channel attack. The issue stems from an incorrect fix for CVE-2013-0169, specifically a wrong SHA-384 calculation...
CVE-2018-0497
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery for a CBC based ciphersuite via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix with a wrong SHA-384 calculation for CVE-2013-0169...
CVE-2018-0498
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery for a CBC based ciphersuite via a cache-based side-channel attack...
CVE-2018-0497
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery for a CBC based ciphersuite via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix with a wrong SHA-384 calculation for CVE-2013-0169...
OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated...
OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated...
OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated...
OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated...
CVE-2018-3098
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
CVE-2018-3094
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
CVE-2018-3093
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
CVE-2018-3102
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
CVE-2018-3096
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
CVE-2018-3095
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
CVE-2018-3099
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...