Oracle Linux 10 / 8 / 9 : java-21-openjdk (ELSA-2026-9689)

The remote Oracle Linux 10 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9689 advisory. 1:21.0.11.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.11.0.10-1 - Update to jdk-21.0.11+10 GA - Update release notes to...

SUSE CVE-2010-3558

Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

SUSE CVE-2010-3570

Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

Microsoft Exchange Server 代码注入漏洞

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides email access, storage, forwarding, voicemail, email filtering and screening, and other features. A code injection vulnerability exists in Microsoft Exchange Server. The followin...

Microsoft Exchange Server 安全漏洞

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides email access, storage, forwarding, voice mail, email filtering and screening. A security vulnerability exists in Microsoft Exchange Server. The following products and versions a...

Microsoft Exchange Server 代码注入漏洞

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides email access, storage, forwarding, voicemail, email filtering and screening, and other features. A code injection vulnerability exists in Microsoft Exchange Server. The followin...

Microsoft Exchange Server 输入验证错误漏洞

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides email access, storage, forwarding, voicemail, email filtering and screening, and other features. An input validation error vulnerability exists in Microsoft Exchange Server. The...

Microsoft Exchange Server 权限许可和访问控制问题漏洞

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides email access, storage, forwarding, voice mail, email filtering and screening. A vulnerability exists in Microsoft Exchange Server with privilege permission and access control...

Microsoft Exchange Server 跨站脚本漏洞

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides email access, storage, forwarding, voicemail, email filtering and screening, and other features. A cross-site scripting vulnerability exists in Microsoft Exchange Server. The...

Microsoft Windows Remote Access Connection Manager 权限许可和访问控制问题漏洞

Microsoft Windows Remote Access Connection Manager is a Windows service from Microsoft that manages virtual private network VPN connections from your computer to the Internet. If you disable this service, the VPN client application If this service is disabled, VPN client applications will not...

Microsoft Exchange Server 权限许可和访问控制问题漏洞

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides email access, storage, forwarding, voice mail, email filtering and screening. A vulnerability exists in Microsoft Exchange Server with privilege permission and access control...

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server is a set of e-mail service programs from Microsoft, which provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. A remote code execution vulnerability exists in Microsoft Exchange Server 2016 Cumulative Update version 10 and 2013...

ArcGIS Server 10.3.1: RMIClassLoader RCE

Using an Esri-provided image on Azure's Marketplace, ArcGIS Server 10.3.1 started Java's rmid on port 1098 and explicitly set the property java.rmi.server.useCodebaseOnly equal to false. Screenshot: https://www.dropbox.com/s/xz9ugal3ixnfh1c/10.3.1rmiduseCodebaseOnly%3Dfalse.png?dl=0 As discussed ...

ArcGIS Server 10.3.1 RMIClassLoader useCodebaseOnly=false Code Execution Exploit

ArcGIS Server version 10.3.1 suffers from an RMIClassLoader useCodebaseOnly=false remote code execution vulnerability. Using an Esri-provided image on Azure's Marketplace, ArcGIS Server 10.3.1 started Java's rmid on port 1098 and explicitly set the property java.rmi.server.useCodebaseOnly equal t...

CVE-2016-4264

CVE-2016-4264 affects Adobe ColdFusion 10 (before Update 21) and 11 (before Update 10). The OOXML feature parser is vulnerable to XML External Entity (XXE) processing via a crafted OOXML spreadsheet containing an external entity declaration and an entity reference, enabling reading of arbitrary f...

JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540...

Oracle Java SE Multiple Vulnerabilities -03 (Jun 2013) - Windows

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE Multiple Vulnerabilities -01 June 13 (Windows)

This host is installed with Oracle Java SE and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboraclejavasemultvuln01jun13win.nasl 7699 2017-11-08 12:10:34Z santu $ Oracle Java SE Multiple Vulnerabilities -01 June 13 Windows Authors: Thanga Prakash S Copyright: Copyright c...

CVE-2013-2462

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment...

CVE-2013-2469

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2...