6 matches found
CLSA-2025-1764580671 pki-servlet-engine: Fix of 2 CVEs
CVE-2024-50379: fix TOCTOU vulnerability in JSP compilation to prevent RCE on case insensitive file systems - CVE-2024-38286: fix issue of resource allocation without limits or throttling vulnerability in TLS handshake process - Apply skip-common-daemon patch to remove the commons-daemon.jar copy...
SUSE SLED15: jctools / jctools-channels / jctools-experimental / jctools-javadoc / etc (SUSE-SU-2024:4407-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4407-1 advisory. - CVE-2024-47535: Fixed unsafe reading of large environment files when Netty is loaded by a java...
USN-5866-1 nova vulnerabilities
It was discovered that Nova did not properly manage data logged into the log file. An attacker with read access to the service's logs could exploit this issue and may obtain sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. CVE-2015-9543 It was discovered that...
Tencent GameLoop 安全漏洞
Tencent GameLoop is an Android emulator from Tencent, a Chinese company. It enables players to play Android games on their computers. Tencent GameLoop before 4.1.21.90 suffers from a security vulnerability that originates from a malicious attacker in the MITM position that can be exploited to spo...
CVE-2019-7895
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to layouts can execute arbitrary code through a crafted XML layout update...
CVE-2019-7895
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to layouts can execute arbitrary code through a crafted XML layout update...