14 matches found
CVE-2026-45041
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, crates/appauth/src/token.rs ships a 2048-bit RSA private key as a string constant named TESTPRIVATEKEY and uses it in production via parselicense to "verify" license tokens. Because the key is embedded in every...
CVE-2026-45041
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, crates/appauth/src/token.rs ships a 2048-bit RSA private key as a string constant named TESTPRIVATEKEY and uses it in production via parselicense to "verify" license tokens. Because the key is embedded in every...
Oracle Java SE CVE-2020-2655 Remote Security Vulnerability
Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTPS' protocol. This issue affects the 'JSSE' component. This vulnerability affects the following supported versions: Java SE: 11.0.5, 13.0.1 Technologies Affected Oracle JDKLinux...
Oracle Java SE CVE-2020-2585 Remote Security Vulnerability
Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'JavaFX' component. This vulnerability affects the following supported versions: Java SE: 8u241 Technologies Affected Oracle JDKLinux Producti...
Oracle Java SE/Java SE Embedded CVE-2020-2659 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231; Java SE...
Oracle Java SE/Java SE Embedded CVE-2019-2949 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over 'Kerberos' protocol. This issue affects the 'Kerberos' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
Twiki Perl 4.x, 5.x, 6.x Upload Bypass / Code Execution Vulnerabilities
The debugenableplugins request parameter in Twiki versions 4.x, 5.x, and 6.0.0 allows arbitrary Perl code execution and suffer from a file upload bypass vulnerability. This is an advisory for TWiki administrators: The debugenableplugins request parameter allows arbitrary Perl code execution...
Oracle Java SE CVE-2013-0431 Remote Java Runtime Environment Vulnerability
Description Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'JMX' sub-component. This vulnerability affects the following supported versions: 7 Update 11 and prior Note: This issue wa...
TWiki 5.1.2 Command Execution Vulnerability
TWiki versions 4.x and 5.1.0 through 5.1.2 suffers from a remote command execution vulnerability due to an underlying security issue in the Locale::Maketext CPAN module. This security advisory alerts you of a potential security issue with TWiki installations: The %MAKETEXT% TWiki variable allows...
TWiki 5.1.2 Command Execution
This security advisory alerts you of a potential security issue with TWiki installations: The %MAKETEXT% TWiki variable allows arbitrary shell command execution. The problem is caused by an underlying security issue in the Locale::Maketext CPAN module. Vulnerable Software Version Attack Vectors...
Oracle Java Applet Rhino脚本引擎远程代码执行漏洞
Bugtraq ID: 50218 CVE ID:CVE-2011-3544 Sun Java Runtime Environment是一款为JAVA应用程序提供可靠的运行环境的解决方案。 Java处理Rhino JavaScript错误存在缺陷,Java中的内置javascript引擎没有对javascript错误对象执行充分过滤,结果导致不可信代码以特权上下文运行 Sun SDK Windows Production Release 1.4.2 24 Sun SDK Windows Production Release 1.4.2 15 Sun SDK Windows...
Oracle Java Runtime Environment 'HsbParser.getSoundBank()' Remote Heap Buffer Overflow Vulnerability
Description Oracle Java SE and Java for Business are prone to a remote heap-based buffer-overflow vulnerability affecting the Java Runtime Environment JRE. Attackers can exploit this issue to execute arbitrary code within the context of the user invoking the JRE. Versions prior to Java 5.0 Update...
Sun Java Runtime Environment JPEG图像处理整数溢出漏洞
Bugraq ID: 35942 Sun Java Runtime Environment是一款为JAVA应用程序提供可靠的运行环境的解决方案。 Sun Java Runtime Environment负责处理装载WebStart应用程序的定制JPEG的代码存在缺陷,远程攻击者可以利用漏洞以登录用户安全上下文执行任意指令。 当处理splash screen时,Javaws.exe错误计算大小并用于之后的缓冲区分配,在之后的解压缩过程中,Java Web Start会写数据到错误分配的缓冲区中,导致基于堆的缓冲区溢出,并以当前用户安全上下文执行任意指令。 Sun JRE 6.0 Updat...
Sun Java Runtime Environment虚拟机提权漏洞
Sun Java Runtime Environment是一款SUN公司开发的JAVA实时运行环境。 Sun Java Runtime Environment虚拟机存在漏洞允许不可信applet提升自身特权,远程攻击者可以利用漏洞获得登录用户权限。 恶意applet可以授权本地文件读和写权限,并以运行此不可信用户进程权限执行applet。 Sun SDK Windows Production Release 1.4.2 15 Sun SDK Windows Production Release 1.4.2 08 Sun SDK Windows Production Release 1.4...