Security update for java-1_8_0-openjdk (important)

This update for java-180-openjdk fixes the following issues: Oracle Critical Patch Update of January 2017 bsc1020905 Upgrade to version jdk8u121 icedtea 3.3.0: - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution...

SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2017:0346-1)

This update for java-180-openjdk fixes the following issues: Oracle Critical Patch Update of January 2017 bsc1020905 Upgrade to version jdk8u121 icedtea 3.3.0 : - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolutio...

SUSE-SU-2017:0346-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Oracle Critical Patch Update of January 2017 bsc1020905 Upgrade to version jdk8u121 icedtea 3.3.0: - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution...

KLA10959 An unspecified vulnerability in Oracle Java SE

An unspecified vulnerability was found in Oracle Java SE components. By exploiting this vulnerability malicious users can gain privileges and obtain sensitive information. This vulnerability can be exploited remotely by an unauthenticater attacker having network access via multiple protocols...

KLA10957 Multiple vulnerabilities in Oracle Java SE

Multiple serious vulnerabilities have been found in Oracle Java SE components. By exploiting these vulnerabilities malicious users can gain privileges and obtain sensitive information. These vulnerabilities can be exploited remotely by unauthenticater attacker having network access via multiple...

MySQL Enterprise Monitor 3.1.x < 3.1.6.7959 Java Object Deserialization RCE (January 2017 CPU)

According to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is 3.1.x prior to 3.1.6.7959. It is, therefore, affected by a remote code execution vulnerability in the JMXInvokerServlet interface due to improper validation of Java objects before...

Debian DSA-3767-1 : mysql-5.5 - security update

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.54, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see th...

FreeBSD : mysql -- multiple vulnerabilities (4d2f9d09-ddb7-11e6-a9a5-b499baebfeaf)

Oracle reports : No further details have been provided in the Critical Patch Update %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2019 Jacques Vidrine and contributors...

Oracle Patches 270 Vulnerabilities With First CPU of 2017

Oracle patched 270 vulnerabilities on Tuesday, many remotely exploitable, across 45 different products–including its E-Business Suite, Financial Services software, and MySQL database–as part of its quarterly Critical Patch Update CPU. The massive update comes close breaking Oracle’s record-settin...

Oracle Releases Security Bulletin

Oracle has released its Critical Patch Update for January 2017 to address 270 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle...

mysql -- multiple vulnerabilities

Oracle reports: No further details have been provided in the Critical Patch Update...

Oracle E-Business Multiple Vulnerabilities (January 2017 CPU)

The version of Oracle E-Business installed on the remote host is missing the January 2017 Oracle Critical Patch Update CPU. It is, therefore, affected by multiple unspecified vulnerabilities in multiple components and subcomponents, the most severe of which can allow an unauthenticated, remote...

Oracle Database Multiple Vulnerabilities (January 2017 CPU)

The remote Oracle Database Server is missing the January 2017 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the OJVM component that allows an authenticated, remote attacker to execute arbitrary code. CVE-2017-3310 - An...

Oracle Critical Patch Update Advisory - January 2017

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

Important: Red Hat Security Advisory: rh-mariadb100-mariadb security update

An update for rh-mariadb100-mariadb is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Updated mariadb packages fix security vulnerabilities

A race condition was found in the way MariaDB performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user CVE-2016-6663. This update fixes several vulnerabilitie...

Debian DSA-3706-1 : mysql-5.5 - security update

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.53, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see th...

Oracle WebLogic Server Java Object Deserialization RCE (October 2016 CPU)

The remote Oracle WebLogic server is affected by a remote code execution vulnerability in the WLS Security component due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons File Upload library. An unauthenticated, remote attacker can exploit this, via a crafted a...

Critical Flaws in MySQL Give Hackers Root Access to Server (Exploits Released)

Over a month ago we reported about two critical zero-day vulnerabilities in the world's 2nd most popular database management software MySQL: MySQL Remote Root Code Execution CVE-2016-6662 Privilege Escalation CVE-2016-6663 At that time, Polish security researcher Dawid Golunski of Legal Hackers w...

Important: Red Hat Security Advisory: mariadb55-mariadb security update

An update for mariadb55-mariadb is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...