UBUNTU-CVE-2017-10347

Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2017-10309

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks...

CVE-2017-10350

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAX-WS. Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...

Microsoft Edge 38.14393.1066.0 - Memory Corruption with Partial Page Loading

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1309 There is a security issue in Microsoft Edge related to how HTML documents are loaded. If Edge displays a HTML document from a slow HTTP server, it is possible that a part of the document is going to be rendered before the serv...

Unspecified Vulnerability in Philips' IntelliView MX40 Patient Worn Monitor

The MX40 Patient Worn Monitor is primarily used as a traditional telemetry medical device as part of a surveillance and alarm system. Under certain 802.11 network conditions, it is possible to partially re-associate the MX40 WLAN Monitor to a central monitoring station. In this state, the central...

The vulnerability of the NTP network time protocol’s speed-limiting service allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Network Time Protocol’s rate-limiting service exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause partial breaches of the confidentiality, integrity, and accessibility of the...

Cisco ASR 5500 System Architecture Evolution Gateway GPRS Tunneling Protocol Denial of Service Vulnerability

A vulnerability in the General Packet Radio Service GPRS Tunneling Protocol ingress packet handler of Cisco ASR 5500 System Architecture Evolution SAE Gateways could allow an unauthenticated, remote attacker to cause a partial denial of service DoS condition on an affected device. The vulnerabili...

Abusing Token Privileges For LPE

Abusing Token Privileges For LPE. Papers exploit for Windows platform |=-----------------------------------------------------------------------=| |=----------------= Abusing Token Privileges For LPE=------------------=| |=-----------------------------------------------------------------------=|...

BSA-2017-420

Security Advisory ID : BSA-2017-420 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

BSA-2017-422

Security Advisory ID : BSA-2017-422 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAX-WS. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

OpenJDK: unbounded memory allocation in BasicAttribute deserialization (Serialization, 8174105)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker...

OpenJDK: unbounded memory allocation in CodeSource deserialization (Serialization, 8174113)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker...

OpenJDK: unbounded memory allocation in CodeSource deserialization (Serialization, 8174113)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker...

OpenJDK: unbounded memory allocation in CodeSource deserialization (Serialization, 8174113)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker...

ALPINE-CVE-2017-3636

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server execut...

CVE-2017-10243

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAX-WS. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2017-10207

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Utilities. The supported version that is affected is 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality...

CVE-2017-10221

Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Hospitality Applications subcomponent: OPS Operations. The supported version that is affected is 5.5. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality RE...

CVE-2017-10225

Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Hospitality Applications subcomponent: OPS Operations. The supported version that is affected is 5.5. Difficult to exploit vulnerability allows physical access to compromise Oracle Hospitality RES 3700. While the vulnerability i...

CVE-2017-10232

Vulnerability in the Hospitality WebSuite8 Cloud Service component of Oracle Hospitality Applications subcomponent: General. Supported versions that are affected are 8.9.6 and 8.10.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...