Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack

In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street...

SUSE CVE-2015-0478

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE...

Oracle FLEXCUBE Private Banking Information Disclosure Vulnerability

Oracle FLEXCUBE Private Banking is a banking and financial services solution. A security vulnerability exists in the implementation of Oracle FLEXCUBE Private Banking versions 2.0.0, 2.0.1, 2.2.0.1, 12.0.1, which can be exploited by remote attackers to compromise confidentiality...

Unspecified Vulnerability in Oracle Fusion Middleware Outside In Technology (CNVD-2016-05414)

Oracle Fusion Middleware is a comprehensive middleware portfolio of SOA and middleware products. A security vulnerability exists in Oracle Fusion Middleware versions 8.5.0, 8.5.1, 8.5.2, Outside In Technology component, which can be exploited by remote attackers to compromise confidentiality...

Unspecified Vulnerability in Oracle Agile PLM (CNVD-2016-05334)

Oracle Agile Product Lifecycle Management PLM solutions enable organizations to manage product information, processes, and decisions across a global product network throughout the product lifecycle. A security vulnerability exists in Oracle Supply Chain Products Suite version 9.3.4, 9.3.5, Oracle...

Unspecified Vulnerability in Oracle PeopleSoft Enterprise HRMS Component

Oracle PeopleSoft Enterprise is an enterprise human capital management solution. An unspecified vulnerability in the Time and Labor subcomponent of the Oracle PeopleSoft Enterprise HRMS component allows remote attackers to exploit the vulnerability to compromise the confidentiality, integrity of...

DEBIAN-CVE-2014-6585

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591...

OpenJDK: MethodHandles.Lookup insufficient modifiers checks (Libraries, 8035788)

Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Libraries...

JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality via unknown vectors related to Deployment...

OpenJDK: Unique VMIDs (Libraries, 8001033)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different...

OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims...

JDK: unspecified vulnerability fixed in 7u45 (2D)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D...

OpenJDK: insufficient security checks (Beans, 8012071)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS...

OpenJDK: insufficient DataFlavor security checks (AWT, 8012277)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT...

OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different...

OpenJDK: key data leak via toString() methods (Libraries, 8011071)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to...

JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and...

OpenJDK: JConsole SSL support (Serviceability, 8003703)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serviceability. NOTE: the previous information is from the...

OpenJDK: Method handles (Libraries, 8009424)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU...

OpenJDK: getEnclosing* checks (Libraries, 8007812)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different...