Page 46 of 1412 results (0.012 seconds)

CVSS: 6.8EPSS: 0%CPEs: 29EXPL: 0

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/105617 http://www.securitytracker.com/id/1041889 https://access.redhat.com/errata/RHSA-2018:2942 https://access.redhat.com/errata/RHSA-2018:2943 https://access.redhat.com/errata/RHSA-2018:3000 https://access.redhat.com/errata/RHSA-2018:3001 https://access.redhat.com/errata/RHSA-2018:3002 https://access.redhat.com/errata/RHSA-2018:3003 https://access.redhat.com/errata/ • CWE-295: Improper Certificate Validation •

CVSS: 9.0EPSS: 0%CPEs: 21EXPL: 0

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/105622 http://www.securitytracker.com/id/1041889 https://access.redhat.com/errata/RHSA-2018:2942 https://access.redhat.com/errata/RHSA-2018:2943 https://access.redhat.com/errata/RHSA-2018:3002 https://access.redhat.com/errata/RHSA-2018:3003 https://access.redhat.com/errata/RHSA-2018:3521 https://access.redhat.com/errata/RHSA-2018:3533 https://access.redhat.com/errata/ • CWE-284: Improper Access Control •

CVSS: 9.8EPSS: 0%CPEs: 30EXPL: 0

Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity. Paramiko en versiones 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5 y 1.17.6 contiene una vulnerabilidad de control de acceso incorrecto en el servidor SSH que puede resultar en la ejecución remota de código. Este ataque parece ser explotable mediante conectividad de red. • https://access.redhat.com/errata/RHBA-2018:3497 https://access.redhat.com/errata/RHSA-2018:3347 https://access.redhat.com/errata/RHSA-2018:3406 https://access.redhat.com/errata/RHSA-2018:3505 https://github.com/paramiko/paramiko/issues/1283 https://herolab.usd.de/wp-content/uploads/sites/4/usd20180023.txt https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html https://usn.ubuntu.com/3796-1 h • CWE-305: Authentication Bypass by Primary Weakness CWE-863: Incorrect Authorization •

CVSS: 9.8EPSS: 27%CPEs: 24EXPL: 7

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character. Git en versiones anteriores a la 2.14.5, versiones 2.15.x anteriores a la 2.15.3, versiones 2.16.x anteriores a la 2.16.5, versiones 2.17.x anteriores a la 2.17.2, versiones 2.18.x anteriores a la 2.18.1 y versiones 2.19.x anteriores a la 2.19.1 permite la ejecución remota de código durante el procesamiento de un "clon de git" recursivo de un superproyecto si un archivo .gitmodules tiene un campo URL que comienza por un carácter "-". An option injection flaw has been discovered in git when it recursively clones a repository with sub-modules. A remote attacker may configure a malicious repository and trick a user into recursively cloning it, thus executing arbitrary commands on the victim's machine. • https://www.exploit-db.com/exploits/45631 https://www.exploit-db.com/exploits/45548 https://github.com/AnonymKing/CVE-2018-17456 https://github.com/matlink/CVE-2018-17456 https://github.com/shpik-kr/CVE-2018-17456 https://github.com/799600966/CVE-2018-17456 https://github.com/KKkai0315/CVE-2018-17456 http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html http:/ • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •

CVSS: 9.1EPSS: 37%CPEs: 16EXPL: 1

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3. Vulnerabilidad por la cual el compilador JIT de JavaScript inserta Array.prototype.push con múltiples argumentos que resultan en que el puntero de la pila está fuera de su sitio por 8 bytes tras un bailout. Esto filtra una dirección de memoria a la función llamante que puede emplearse como parte de un exploit dentro del proceso de contenido en sandbox. • http://www.securityfocus.com/bid/105460 http://www.securitytracker.com/id/1041770 https://access.redhat.com/errata/RHSA-2018:2881 https://access.redhat.com/errata/RHSA-2018:2884 https://bugzilla.mozilla.org/show_bug.cgi?id=1493903 https://security.gentoo.org/glsa/201810-01 https://usn.ubuntu.com/3778-1 https://www.debian.org/security/2018/dsa-4310 https://www.mozilla.org/security/advisories/mfsa2018-24 https://access.redhat.com/security/cve/CVE-2018-12387 https:/&#x • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •