1260 matches found
Denial Of Service (DoS)
openjdk is vulnerable to denial of service attacks. The vulnerability exists in Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code which allows unauthenticated attacker with network access via multiple...
OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...
CVE-2022-21426
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...
DEBIAN-CVE-2022-21426
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...
CVE-2022-21449
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 17.0.2 and 18; Oracle GraalVM Enterprise Edition: 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows...
PT-2022-6858 · Oracle +10 · Java Se +12
Name of the Vulnerable Software and Affected Versions: Oracle Java SE versions 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition versions 20.3.5, 21.3.1, 22.0.0.2 Description: The issue is related to an unauthenticated attacker with network access via multiple protocols being ab...
PT-2022-6857
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition versions 20.3.5, 21.3.1, 22.0.0.2 Description The issue is related to an unauthenticated attacker with network access via multiple protocols being able...
CVE-2022-28805
A heap buffer-overflow vulnerability was found in Lua. The flaw occurs due to vulnerable code present in the lparser.c function of Lua that allows the execution of untrusted Lua code into a system, resulting in malicious activity...
DEBIAN-CVE-2022-28805
singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...
Lua 缓冲区错误漏洞
Lua is a lightweight, extensible open source scripting language from the Lua LUA team. A buffer error vulnerability exists in Lua 5.4.4 and earlier, which stems from the lack of a specific luaKexp2anyregup call in singlevar in lparser.c, resulting in an overread of the heap-based buffer, which...
CVE-2022-28805
singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...
CVE-2022-28805
singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...
CVE-2022-28805
singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...
Pexip Infinity licensing issue vulnerability
Pexip Infinity is a cloud collaboration platform for video conferencing from Pexip, a Norwegian company. A security vulnerability exists in Pexip Infinity Connect versions prior to 1.8.0, which stems from the omission of certain resource provisioning authenticity checks. An attacker could exploit...
CVE-2016-1239
duck before 0.10 did not properly handle loading of untrusted code from the current directory...
DEBIAN-CVE-2016-1239
duck before 0.10 did not properly handle loading of untrusted code from the current directory...
CVE-2016-1239
duck before 0.10 did not properly handle loading of untrusted code from the current directory...
CVE-2016-1239
duck before 0.10 did not properly handle loading of untrusted code from the current directory...
Directory traversal
duck before 0.10 did not properly handle loading of untrusted code from the current directory...
UBUNTU-CVE-2016-1239
duck before 0.10 did not properly handle loading of untrusted code from the current directory...