Page 25 of 123 results (0.027 seconds)

CVSS: 8.3EPSS: 0%CPEs: 53EXPL: 0

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. • http://www.debian.org/security/2017/dsa-3919 http://www.debian.org/security/2017/dsa-3954 http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securityfocus.com/bid/99734 http://www.securitytracker.com/id/1038931 https://access.redhat.com/errata/RHSA-2017:1789 https://access.redhat.com/errata/RHSA-2017:1790 https://access.redhat.com/errata/RHSA-2017:1791 https://access.redhat.com/errata/RHSA-2017:1792 https://access.redhat.com/errata/RHSA& •

CVSS: 7.1EPSS: 1%CPEs: 58EXPL: 0

The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. La función Type_MLU_Read en cmstypes.c en Little CMS (también conocido como lcms2) permite a atacantes remotos obtener información sensible o provocar una denegación de servicio a través de una imagen con un perfil ICC manipulado, lo que desencadena una lectura de memoria dinámica fuera de límites. • http://lists.opensuse.org/opensuse-updates/2017-01/msg00174.html http://rhn.redhat.com/errata/RHSA-2016-2079.html http://rhn.redhat.com/errata/RHSA-2016-2658.html http://www.debian.org/security/2017/dsa-3774 http://www.openwall.com/lists/oss-security/2017/01/23/1 http://www.openwall.com/lists/oss-security/2017/01/25/14 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/95808 http://www.securitytracker.com/id& • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 1%CPEs: 62EXPL: 0

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. inffast.c en zlib 1.2.8 puede permitir que atacantes dependientes del contexto causen un impacto no especificado aprovechando una aritmética de puntero incorrecta.. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html http://www.openwall.com/lists/oss-security/2016/12/05/21 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus •