628 matches found
CVE-2016-7636
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Security" component, which allows man-in-the-middle attackers to cause a denial of service application crash via vectors...
CVE-2016-4670
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "Security" component. It allows local users to discover lengths of arbitrary passwords by reading a log...
The vulnerability of the Oracle Database database management system allows a hacker to gain read access to data.
The vulnerability of the security component of the Oracle Database, a relational database management system, is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating locally, to gain access to read the data...
CVE-2017-3240
Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where RDBMS Security executes to compromise...
Oracle Database Server Local Vulnerability (CNVD-2017-00952)
Oracle Database Server is a set of relational database management system of Oracle Oracle. The database management system provides data management, distributed processing, etc. RDBMS Security is one of the database security storage component. A security vulnerability exists in the RDBMS Security...
Unspecified Vulnerability in Security Component of Multiple Apple Products
Apple iOS, watchOS, macOS, and tvOS are products of Apple Inc. Apple iOS is an operating system for mobile devices; tvOS is an operating system for smart televisions. security is an information security and privacy component. A security vulnerability exists in the Security component of several...
Design/Logic Flaw
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498...
Unspecified Vulnerability in Oracle Fusion Middleware Oracle WebCenter Sites Component (CNVD-2016-10171)
Oracle Fusion Middleware is a suite of business innovation platforms for enterprise and cloud environments from Oracle Corporation. Oracle WebCenter Sites is a web experience management component that enables marketers and business users to create and manage interactive social online experiences ...
Unspecified Vulnerability in Oracle Database Server RDBMS Security Component (CNVD-2016-09795)
Oracle Database Server is a set of relational database management system of Oracle Oracle. The database management system provides data management, distributed processing, etc. RDBMS Security is one of the database security storage component. A local security vulnerability exists in the RDBMS...
Unspecified Vulnerability in Oracle Database Server RDBMS Security Component (CNVD-2016-09696)
Oracle Database Server is a set of relational database management system of Oracle Oracle. The database management system provides data management, distributed processing, etc. RDBMS Security is one of the database security storage component. A local security vulnerability exists in the RDBMS...
The vulnerability of the Java Platform software platform allows a remote attacker to compromise the confidentiality of protected information.
The vulnerability of the Java SE software platform allows a malicious actor to compromise data confidentiality by using the Security sub-component...
Vulnerability of the Java Runtime Environment software platform, which allows a malicious attacker to compromise data confidentiality and integrity
Vulnerability of the Java Runtime Environment, related to program components. Exploiting this vulnerability allows a malicious actor to compromise data confidentiality and integrity by utilizing the Security component...
Vulnerability of the Java Runtime Environment software platform, which allows a malicious attacker to compromise data confidentiality and integrity
Vulnerability of the Java Runtime Environment, related to program components. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of data by using the Security component...
RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2016:0723)
An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives ...
java security update
CentOS Errata and Security Advisory CESA-2016:0723 An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common...
OpenJDK: insufficient DSA key parameters checks (Security, 8138593)
It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected...
CVE-2016-4423: Large username storage in session
Affected Versions Symfony 2.3.0 to 2.3.40, 2.7.0 to 2.7.12, 2.8.0 to 2.8.5, and 3.0.0 to 3.0.5 versions of the Security component are affected by this security issue when using the username/password form authentication listener and its simpler version SimpleFormAuthenticationListener. This issue...
Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2016-693)
It was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. CVE-2016-0686 It was...
gmapfp,3.39f,XSS (Cross Site Scripting)
gmapfp,3.39f and previos,XSS Cross Site Scripting Info disclosure, arbitrary fileupload resolution: update to J3.41F update notice:http://gmapfp.org/en/news-of-gmapfp/39-strengthening-of-the-security-component...
Unspecified Vulnerability in Oracle Database Server RDBMS Security Component
Oracle Database Server is a relational database management system from Oracle Corporation, of which RDBMS Security is a database security storage component. An unspecified vulnerability in the RDBMS Security component of Oracle Database Server can be exploited by a local attacker to update, inser...