
122 matches found

Tenable Nessus
added 2020/12/15 12:0 a.m., 188 views

Virtuozzo 7 : httpd / httpd-devel / httpd-manual / httpd-tools / etc (VZLSA-2019-2343)

An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5 CVSS, 7 AI score, 0.1786 EPSS
Exploits 0, References 4

OSV
added 2020/09/09 6:45 p.m., 26 views

GHSA-X44X-R84W-8V67 Lack of URL normalization may lead to authorization bypass when URL access rules are used

Impact When access rules are used inside a protected host, some URL encodings may bypass filtering system. Patches Version 0.5.2 includes a patch that fixes the vulnerability Workarounds No way for users to fix or remediate the vulnerability without upgrading References...

6.5 CVSS, 9.3 AI score, 0.02342 EPSS
Exploits 1, References 9

Github Security Blog
added 2020/09/09 6:45 p.m., 37 views

Lack of URL normalization may lead to authorization bypass when URL access rules are used

Impact When access rules are used inside a protected host, some URL encodings may bypass filtering system. Patches Version 0.5.2 includes a patch that fixes the vulnerability Workarounds No way for users to fix or remediate the vulnerability without upgrading References...

9.8 CVSS, 0.3 AI score, 0.02342 EPSS
Exploits 1, References 9, Affected Software 1

OSV
added 2020/04/07 7:31 a.m., 10 views

SUSE-SU-2020:0456-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: Java was updated to 7.1 Service Refresh 4 Fix Pack 60 bsc1162972, bsc1160968. Security issues fixed: - CVE-2020-2583: Fixed a serialization vulnerability in BeanContextSupport bsc1162972. - CVE-2020-2593: Fixed an incorrect check in...

8.1 CVSS, 6.1 AI score, 0.04903 EPSS
Exploits 0, References 7

RedHat Linux
added 2020/03/17 1:11 p.m., 4 views

OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

5.8 CVSS, 7.4 AI score, 0.02984 EPSS
Exploits 0, References 4

RedHat Linux
added 2020/02/27 3:34 p.m., 4 views

OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

5.8 CVSS, 7.4 AI score, 0.02984 EPSS
Exploits 0, References 4

RedHat Linux
added 2020/02/27 3:34 p.m., 71 views

Important: Red Hat Security Advisory: java-1.7.0-openjdk security update

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1 CVSS, 6.6 AI score, 0.04903 EPSS
Exploits 0, References 8

Tenable Nessus
added 2020/02/26 12:0 a.m., 38 views

SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2020:0456-1)

This update for java-171-ibm fixes the following issues : Java was updated to 7.1 Service Refresh 4 Fix Pack 60 bsc1162972, bsc1160968. Security issues fixed : CVE-2020-2583: Fixed a serialization vulnerability in BeanContextSupport bsc1162972. CVE-2020-2593: Fixed an incorrect check in...

8.1 CVSS, 6.4 AI score, 0.04903 EPSS
Exploits 0, References 11

OSV
added 2020/02/21 1:35 p.m., 9 views

SUSE-SU-2020:14287-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: Java was updated to 7.1 Service Refresh 4 Fix Pack 60 bsc1162972, bsc1160968. Security issues fixed: - CVE-2020-2583: Fixed a serialization vulnerability in BeanContextSupport bsc1162972. - CVE-2020-2593: Fixed an incorrect check in...

8.1 CVSS, 6.1 AI score, 0.04903 EPSS
Exploits 0, References 7

OSV
added 2020/02/20 10:5 a.m., 8 views

SUSE-SU-2020:14286-1 Security update for java-1_7_0-ibm

This update for java-170-ibm fixes the following issues: Java was updated to 7.0 Service Refresh 10 Fix Pack 60 bsc1162972, bsc1160968. Security issues fixed: - CVE-2020-2583: Fixed a serialization vulnerability in BeanContextSupport bsc1162972. - CVE-2020-2593: Fixed an incorrect check in...

8.1 CVSS, 6.1 AI score, 0.04903 EPSS
Exploits 0, References 7

RedHat Linux
added 2020/02/19 7:49 a.m., 6 views

OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

5.8 CVSS, 7.4 AI score, 0.02984 EPSS
Exploits 0, References 4

Tenable Nessus
added 2020/02/19 12:0 a.m., 37 views

Oracle Linux 7 : java-1.7.0-openjdk (ELSA-2020-0541)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-0541 advisory. 1:1.7.0.251-2.6.21.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.251-2.6.21.0 - Bump to 2.6.21 and OpenJDK 7u251-b02. - Resolves: rhbz1785753 Tenable h...

8.1 CVSS, 6.6 AI score, 0.04903 EPSS
Exploits 0, References 8

RedHat Linux
added 2020/02/12 11:22 a.m., 3 views

OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

5.8 CVSS, 7.4 AI score, 0.02984 EPSS
Exploits 0, References 4

RedHat Linux
added 2020/02/11 9:16 a.m., 4 views

OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

5.8 CVSS, 7.4 AI score, 0.02984 EPSS
Exploits 0, References 4

RedHat Linux
added 2020/02/11 8:33 a.m., 2 views

OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

5.8 CVSS, 7.4 AI score, 0.02984 EPSS
Exploits 0, References 4

RedHat Linux
added 2020/02/11 8:29 a.m., 4 views

OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

5.8 CVSS, 7.4 AI score, 0.02984 EPSS
Exploits 0, References 4

BDU FSTEC
added 2020/02/06 12:0 a.m., 7 views

The vulnerability in the Networking component of Oracle Java SE and Java SE Embedded software components allows attackers to modify, add, or delete data, or gain unauthorized access to protected information.

The vulnerability of Oracle Java SE and Java SE Embedded software’s Networking component is related to errors in URL normalization. Exploiting this vulnerability can allow an attacker to gain access to, modify, add, or delete data, or to obtain unauthorized access to protected information...

4.8 CVSS, 6.5 AI score, 0.02984 EPSS
Exploits 0, References 10, Affected Software 7

Mageia
added 2020/01/30 6:28 p.m., 61 views

Updated java-1.8.0-openjdk packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Improper checks of SASL message properties in GssKrb5Base Security, 8226352 CVE-2020-2590 Incorrect exception processing during deserialization in BeanContextSupport Serialization, 8224909 CVE-2020-2583 Incorrect isBuiltinStreamHandler causing UR...

8.1 CVSS, 7.4 AI score, 0.04903 EPSS
Exploits 0, References 3

OSV
added 2020/01/30 6:28 p.m., 10 views

MGASA-2020-0069 Updated java-1.8.0-openjdk packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Improper checks of SASL message properties in GssKrb5Base Security, 8226352 CVE-2020-2590 Incorrect exception processing during deserialization in BeanContextSupport Serialization, 8224909 CVE-2020-2583 Incorrect isBuiltinStreamHandler causing UR...

8.1 CVSS, 6.3 AI score, 0.04903 EPSS
Exploits 0, References 4

Tenable Nessus
added 2020/01/28 12:0 a.m., 41 views

RHEL 8 : java-1.8.0-openjdk (RHSA-2020:0231)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0231 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

8.1 CVSS, 6.8 AI score, 0.04903 EPSS
Exploits 0, References 16