1964 matches found
Oracle Releases Security Bulletin
Oracle has released its Critical Patch Update for July 2016 to address 276 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Oracle Ju...
Debian DSA-3621-1 : mysql-connector-java - security update
A vulnerability was discovered in mysql-connector-java, a Java database JDBC driver for MySQL, which may result in unauthorized update, insert or delete access to some MySQL Connectors accessible data as well as read access to a subset of MySQL Connectors accessible data. The vulnerability was...
Oracle Critical Patch Update - July 2016
A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...
KLA10954 Remote Security Vulnerability in Oracle VM VirtualBox
A remote security vulnerability was found in Oracle Virtualization Oracle VM VirtualBox component. By exploiting this vulnerability malicious users can gain privileges and cause a partial denial of service. This vulnerability can be exploited remotely over the HTTP protocol. Technical details...
Oracle Outside in Libraries Elevation of Privilege Vulnerabilities
This security update addresses the following vulnerabilities, which are described in Oracle Critical Patch Update Advisory - January 2016: CVE-2015-6013: Oracle Outside In 8.5.2 WK4 stack buffer overflow CVE-2015-6014: Oracle Outside In 8.5.2 DOC stack buffer overflow CVE-2015-6015: Oracle OIT...
Critical: Red Hat Security Advisory: rh-mysql56-mysql security update
An update for rh-mysql56-mysql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Oracle Database Multiple Vulnerabilities (April 2016 CPU)
The remote Oracle Database Server is missing the April 2016 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities in the following components : - An unspecified flaw exists in the RDBMS Security component that allows a local attacker to cause a denial of service...
Debian DSA-3557-1 : mysql-5.5 - security update
Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.49. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details : -...
[SECURITY] [DSA 3557-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3557-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 26, 2016 https://www.debian.org/security/faq -...
EC-CUBE vulnerable to cross-site request forgery
Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site request forgery vulnerability CWE-352. LOCKON CO.,LTD. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LOCKON CO.,LTD...
EC-CUBE fails to restrict access permissions
Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE fails to restrict access permissions. Note that this vulnerability is different from JVN47473944. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC...
EC-CUBE fails to restrict access permissions
Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE fails to restrict access permissions. Note that this vulnerability is different from JVN11458774. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC...
Oracle's April patch update fixes 1 3 6 vulnerability-vulnerability warning-the black bar safety net
This week,Oracle Corporation in this quarterly critical vulnerabilities to repair program,to fix the present in 4 of 6 different products in 1 3 6 vulnerabilities. Which has more than half of the vulnerabilitiesa total of 7 2have been a corresponding CVE number,these vulnerabilities can in no...
Critical: Red Hat Security Advisory: java-1.8.0-oracle security update
An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which give...
Oracle iPlanet Web Proxy Server 4.0.x < 4.0.27 NSS ASN.1 Decoder RCE (April 2016 CPU)
According to its self-reported version, the Oracle iPlanet Web Proxy Server formerly known as Sun Java System Web Proxy Server installed on the remote host is version 4.0.x prior to 4.0.27. It is, therefore, affected by a heap buffer overflow condition in the ASN.1 decoder in the Network Security...
Oracle Solaris Critical Patch Update : apr2016_SRU11_3_5_6_0
This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Automated Installer. The supported version that is affected is 11.3. Easily exploitable vulnerability allows...
Oracle Fixes 136 Vulnerabilities With April CPU
Oracle fixed 136 vulnerabilities across 46 different products this week as part of its quarterly Critical Patch Update. More than half of the CVEs, 72, could be remotely exploitable without authentication. Fixes for a slew of products, including Oracle’s Database Server, E-Business Suite, Fusion...
Oracle E-Business Multiple Vulnerabilities (April 2016 CPU)
The version of Oracle E-Business installed on the remote host is missing the April 2016 Oracle Critical Patch Update CPU. It is, therefore, affected by vulnerabilities in the following components : - An unspecified flaw exists in the DB Privileges subcomponent of the Oracle Applications Object...
Oracle Releases Security Bulletin
Oracle has released its Critical Patch Update for April 2016 to address 136 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle April...
Solaris 9 (x86) : 152099-53
JavaSE 7x86: update 151 patch equivalent to JDK 7u151, 64bit. Date this patch was last updated by Sun : Jul/17/17 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...