4493 matches found
CVE-2016-2094
The vulnerability CVE-2016-2094 affects Tomcat’s HTTPS NIO Connector, where a remote attacker can cause a denial of service by opening a socket and not sending an SSL handshake, triggering a read-timeout and thread consumption. The provided documents describe the vulnerability and impact but do n...
SUSE-SU-2016:1250-1 Security update for java-1_7_0-openjdk
This update for java-170-openjdk to version 2.6.6 fixes five security issues. These security issues were fixed: - CVE-2016-0686: Ensure thread consistency bsc976340. - CVE-2016-0687: Better byte behavior bsc976340. - CVE-2016-0695: Make DSA more fair bsc976340. - CVE-2016-3425: Better buffering o...
RHEL 7 : java-1.8.0-ibm (RHSA-2016:0716)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0716 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...
OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization...
CVE-2015-4170
Race condition in the ldsemcmpxchg function in drivers/tty/ttyldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service ldsemdownread and ldsemdownwrite deadlock by establishing a new tty thread during shutdown of a previous tty thread...
CVE-2015-4170
Race condition in the ldsemcmpxchg function in drivers/tty/ttyldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service ldsemdownread and ldsemdownwrite deadlock by establishing a new tty thread during shutdown of a previous tty thread...
Race condition
Race condition in the ldsemcmpxchg function in drivers/tty/ttyldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service ldsemdownread and ldsemdownwrite deadlock by establishing a new tty thread during shutdown of a previous tty thread...
OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization...
The tasks array included at least one null element
Challenge Management Pack fails to display a segment of the environmental topology or a portion of performance information. The vmspi.log default location: C:\Program Files\Veeam\Veeam Virtualization Extensions for System Center\Collector\Log contains the following entries: + VP038 buildInventory...
Code injection
The tmreclaimthread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tmreclaim call, which allows local users to cause a denial of service TM Bad Thing exception and panic via a...
Critical: java-1.7.0-openjdk
Issue Overview: It was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions...
OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization...
OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization...
OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization...
OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization...
Microsoft Windows 7 < 10 / 2008 < 2012 R2 (x86/x64) - Local Privilege Escalation (MS16-032) (PowerShell)
function Invoke-MS16-032 https://googleprojectzero.blogspot.co.uk/2016/03/exploiting-leaked-thread-handle.html .DESCRIPTION Author: Ruben Boonen @FuzzySec Blog: http://www.fuzzysecurity.com/ License: BSD 3-Clause Required Dependencies: PowerShell v2+ Optional Dependencies: None .EXAMPLE C:\PS...
OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization...
OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization...
CVE-2016-1763
Messages in Apple iOS before 9.3 does not ensure that an auto-fill action applies to the intended message thread, which allows remote authenticated users to obtain sensitive information by providing a crafted sms: URL and reading a thread...
Apple iOS Messages Information Disclosure Vulnerability (CNVD-2016-01875)
Apple iOS is an operating system for mobile devices developed by Apple Inc. Messages is a component of the application used to send text, photos and videos. A security vulnerability exists in Messages in Apple iOS versions prior to 9.3, which stems from the program failing to determine that an...