10 matches found
CVE-2019-12868
app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP fileexists function is used with user-controlled entries, and phar:// URLs trigger deserialization...
CVE-2018-1999042
A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in XStream2.java that allows attackers to have Jenkins resolve a domain name when deserializing an instance of java.net.URL...
OpenJDK: URL deserialization inconsistencies (Networking, 8059054)
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking...
RHEL 7 : java-1.8.0-ibm (RHSA-2016:0098)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0098 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several...
OpenJDK: URL deserialization inconsistencies (Networking, 8059054)
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking...
RHEL 7 : java-1.6.0-sun (RHSA-2016:0057)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0057 advisory. - libpng: Buffer overflow vulnerabilities in pnggetPLTE/pngsetPLTE functions CVE-2015-8126, CVE-2015-8472 - OpenJDK: URL deserialization...
OpenJDK: URL deserialization inconsistencies (Networking, 8059054)
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking...
OpenJDK: URL deserialization inconsistencies (Networking, 8059054)
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking...
RHEL 6 : java-1.8.0-openjdk (RHSA-2016:0050)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0050 advisory. - TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol SLOTH CVE-2015-7575 - OpenJDK: URL deserialization inconsistencie...
OpenJDK: URL deserialization inconsistencies (Networking, 8059054)
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking...