Microsoft Exchange Server 安全漏洞

Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are security vulnerabilities in Microsoft Exchange Server. Attackers use these...

Hotfix update for Exchange Server 2019 CU15 HU4: September 8, 2025 (KB5066372)

Hotfix update for Exchange Server 2019 CU15 HU4: September 8, 2025 KB5066372 Hotfix update HU 4 for Microsoft Exchange Server 2019 CU15 was released on September 8, 2025. It includes fixes for non-security issues and may introduces new features. These fixes and features will also be included in...

Microsoft Exchange Server 安全漏洞

Microsoft Exchange Server is a set of e-mail service programs from the American Microsoft Corporation Microsoft. It provides email access, storage, forwarding, voice mail, email filtering and screening. A security vulnerability exists in Microsoft Exchange Server. The vulnerability is exploited b...

Deserialization of untrusted data

Adobe ColdFusion versions 2018 Update 15 and earlier and 2021 Update 5 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

Path traversal

Adobe ColdFusion versions 2018 Update 15 and earlier and 2021 Update 5 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in Arbitrary file system read. Exploitation of this issue does not require user...

PT-2023-1943 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions 2018 Update 15 and earlier and 2021 Update 5 and earlier Description: The issue is related to a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the...

Adobe ColdFusion Code Issue Vulnerability

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. A security vulnerability exists in Adobe ColdFusion 2016 Update 15 and earlier and ColdFusion 2018 Upda...

KLA11685 Spoofing vulnerability in Microsoft Exchange Server

A spoofing vulnerability was found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2020-0903 Related products Microsoft-Exchange-Server CVE list CVE-2020-0903 warning KB list 4540123 Solution Install necessary updates...

Security Bulletin: A vulnerability in yum-utils affects PowerKVM

Summary PowerKVM is affected by a vulnerability in yum-utils. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2018-10897 DESCRIPTION: reposync could allow a remote attacker to traverse directories on the system, caused by the improper sanitation of paths in remote...

CVE-2014-9166

Adobe ColdFusion 10 before Update 15 and 11 before Update 3 allows attackers to cause a denial of service resource consumption via unspecified vectors...

Mac OS X : Java for Mac OS X 10.6 Update 15

The remote Mac OS X host has a version of Java for Mac OS X 10.6 that is missing Update 15, which updates the Java version to 1.6.045. It is, therefore, affected by multiple security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the...

Java Runtime Environment Color Management memory overwrite

Added: 04/04/2013 CVE: CVE-2013-1493 BID: 58238 OSVDB: 90737 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...

Java Runtime Environment Color Management memory overwrite

Added: 04/04/2013 CVE: CVE-2013-1493 BID: 58238 OSVDB: 90737 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...

Design/Logic Flaw

Unspecified vulnerability in the 2D component in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than...

Two More Java Zero Days Found by Polish Research Team

The seemingly endless list of critical zero day bugs found in Java grew longer today with news that one of the flaws fixed in Oracle’s recent patches for the product is under attack and when that bug is paired with another, separate vulnerability, the sandbox in the latest build of Java can be...

Critical: Red Hat Security Advisory: java-1.7.0-oracle security update

Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

OpenJDK Untrusted applet System properties access (6738524)

The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted applets and 2 Java Web Start applications, which allows context-dependent attackers to obtain sensiti...

SuSE 11 Security Update : Sun Java 1.6.0 (SAT Patch Number 1163)

The Sun Java JRE /JDK 6 was updated to Update 15 fixing various security issues. - The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted applets and 2 Java...

Sun Java JDK/JRE JPEG Images Integer Overflow Vulnerability - Aug09

This host is installed with Sun Java JDK/JRE and is prone to Integer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavajreintoverflowvulnaug09.nasl 7699 2017-11-08 12:10:34Z santu $ Sun Java JDK/JRE JPEG Images Integer Overflow Vulnerability - Aug09 Authors: Sharath S Copyright:...

CVE-2009-2719

CVE-2009-2719: In Sun Java SE 6, the Java Web Start implementation before Update 15 is vulnerable to a DoS via a crafted JNLP file, causing a NullPointerException. The issue is evidenced by the TCK test at jnlp_file/appletDesc/index.html#misc. Affected software is Java Web Start in Java SE 6 prio...