490 matches found
CLSA-2025-1754043770 java-17-openjdk: Fix of 4 CVEs
Update to jdk-17.0.16+8 - CVE-2025-50106: fix 2D component vulnerability in Java SE allowing remote attackers to compromise the Java runtime via crafted input - CVE-2025-30749: fix 2D rendering vulnerability in Java SE that could lead to application crash or remote code execution -...
USN-7674-1 openjdk-lts vulnerabilities
It was discovered that the 2D component of OpenJDK 11 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...
USN-7672-1 openjdk-17-crac vulnerabilities
It was discovered that the 2D component of CRaC JDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...
openjdk: Better Glyph drawing (Oracle CPU 2025-07)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1;...
openjdk: Better Glyph drawing (Oracle CPU 2025-07)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1;...
A Dual-Layer Image Encryption Framework Using Chaotic AES with Dynamic S-Boxes and Steganographic QR Codes
This paper presents a robust image encryption and key distribution framework that integrates an enhanced AES-128 algorithm with chaos theory and advanced steganographic techniques for dual-layer security. The encryption engine features a dynamic ShiftRows operation controlled by a logistic map,...
[SECURITY] Fedora 42 Update: qt6-qtsvg-6.9.1-1.fc42
Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices...
Walrus: an Efficient Decentralized Storage Network
Decentralized storage systems face a fundamental trade-off between replication overhead, recovery efficiency, and security guarantees. Current approaches either rely on full replication, incurring substantial storage costs, or employ trivial erasure coding schemes that struggle with efficient...
There'S Waldo: PCB Tamper Forensic Analysis Using Explainable AI on Impedance Signatures
The security of printed circuit boards PCBs has become increasingly vital as supply chain vulnerabilities, including tampering, present significant risks to electronic systems. While detecting tampering on a PCB is the first step for verification, forensics is also needed to identify the modified...
jct-aq Airpointer 2D 输入验证错误漏洞
The jct-aq Airpointer 2D is a device for air quality monitoring from the Austrian company jct-aq. A security vulnerability exists in the jct-aq Airpointer 2D version 2.4.107-2, which stems from improper operation of the diagnostics module and could lead to remote code execution...
jct-aq Airpointer 2D 信任管理问题漏洞
The jct-aq Airpointer 2D is a device for air quality monitoring from jct-aq Austria. A security vulnerability exists in the jct-aq Airpointer 2D version 2.4.107-2, which stems from default credentials and could lead to unauthorized access...
Disrupting Vision-Language Model-Driven Navigation Services Via Adversarial Object Fusion
We present Adversarial Object Fusion AdvOF, a novel attack framework targeting vision-and-language navigation VLN agents in service-oriented environments by generating adversarial 3D objects. While foundational models like Large Language Models LLMs and Vision Language Models VLMs have enhanced...
openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version jdk8u452 icedtea-3.35.0 Security issues fixed: CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. bsc1241274 CVE-2025-30691: unauthorized update, insert or dele...
USN-7480-1 openjdk-8 vulnerabilities
Alicja Kario discovered that the JSSE component of OpenJDK 8 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 8 incorrectly handled compiler transformations. An...
Algorithms for the Shortest Vector Problem in $2$-Dimensional Lattices, Revisited
Whitepaper called Algorithms For The Shortest Vector Problem In $2$-Dimensional Lattices, Revisited...
Overlapping Error Correction Codes on Two-Dimensional Structures
The growing demand for highly reliable communication systems drives the research and development of algorithms that identify and correct errors during data transmission and storage. This need becomes even more critical in hard-to-access or sensitive systems, such as those used in space...
Oracle Critical Patch Update Advisory -- July 2024
CVE-ID Component Base Score CVE-2024-21131 Hotspot 3.7 CVE-2024-21138 Hotspot 3.7 CVE-2024-21140 Hotspot 4.8 CVE-2024-21145 2D 4.8 CVE-2024-21147 Hotspot 7.4 CVE-2024-27983 Oracle GrallVM for JDK 8.2 More details can be found at https://www.oracle.com/security-alerts/cpujul2024.html...
AZUL Zulu Java Multiple Vulnerabilities - July 2024
CVE-ID Component Base Score CVE-2024-21131 Hotspot 3.7 CVE-2024-21138 Hotspot 3.7 CVE-2024-21140 Hotspot 4.8 CVE-2024-21145 2D 4.8 CVE-2024-21147 Hotspot 7.4 CVE-2024-21144 Concurrency 3.7 CVE-2024-27983 Oracle GrallVM for JDK 8.2 More details can be found at...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version jdk8u432 icedtea-3.33.0: CVE-2024-21208: Enhance HTTP client bsc1231702. CVE-2024-21210: Improve handling of vectorization bsc1231711. CVE-2024-21217: Improve deserialization support bsc1231716. CVE-2024-21235: Improve...