what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 3,128 RSS Feed

Java Files

Apache Solr Backup/Restore API Remote Code Execution
Posted Apr 24, 2024
Authored by jheysel-r7, l3yx | Site metasploit.com

Apache Solr versions 6.0.0 through 8.11.2 and versions 9.0.0 up to 9.4.1 are affected by an unrestricted file upload vulnerability which can result in remote code execution in the context of the user running Apache Solr. When Apache Solr creates a Collection, it will use a specific directory as the classpath and load some classes from it. The backup function of the Collection can export malicious class files uploaded by attackers to the directory, allowing Solr to load custom classes and create arbitrary Java code. Execution can further bypass the Java sandbox configured by Solr, ultimately causing arbitrary command execution.

tags | exploit, java, remote, arbitrary, code execution, file upload
advisories | CVE-2023-50386
SHA-256 | 982c87ed2032bff9e2a889f42db78ed065aa2707c068813f76b1c3875193d49d
Debian Security Advisory 5672-1
Posted Apr 23, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.

tags | advisory, java, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21094
SHA-256 | a9064c09d4359e5484ea104362dc6a838926946bd9996ac856a59a71a2840bdb
Debian Security Advisory 5671-1
Posted Apr 23, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5671-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.

tags | advisory, java, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094
SHA-256 | 5c18eb648b6f3785439fef0afc436e9646416b6ddec16705c0cb435ea59ff3a9
Red Hat Security Advisory 2024-1828-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1828-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9. Issues addressed include an integer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 66e1f9efa2400c9987955cf56660274bc6b9aa14c3c2998d7b044398bd290fd0
Red Hat Security Advisory 2024-1822-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1822-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Extended Update Support, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Extended Update Support, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an integer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 44c796b582a5b81103c18e46e4067bab53be13a7c3404887b51ecf0ca5192eb2
Red Hat Security Advisory 2024-1821-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1821-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Issues addressed include an integer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | f40237d1edf007c8f38b1b79b61e3d331c7043f8da3f2c8f859bc63cd66691e0
Red Hat Security Advisory 2024-1818-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1818-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Extended Update Support, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Extended Update Support, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an integer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | b6b72d2d07588c0a0e612a9b7cfc352c741b627263cf5b7200b33362cb8d5793
Debian Security Advisory 5664-1
Posted Apr 18, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5664-1 - Jetty 9 is a Java based web server and servlet engine. It was discovered that remote attackers may leave many HTTP/2 connections in ESTABLISHED state (not closed), TCP congested and idle. Eventually the server will stop accepting new connections from valid clients which can cause a denial of service.

tags | advisory, java, remote, web, denial of service, tcp
systems | linux, debian
advisories | CVE-2024-22201
SHA-256 | f811fdb59918d1ff6c0f69e7c41be61c5a9681f083aca6ccdb106ccc1fb89b43
Red Hat Security Advisory 2024-1825-03
Posted Apr 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1825-03 - An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Extended Update Support, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Extended Update Support, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an integer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 4fba84c5865b83ce2be2d7d40ed4bdb7edd461ec78209e4934479634d0dbb955
Red Hat Security Advisory 2024-1817-03
Posted Apr 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1817-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Issues addressed include an integer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 4b59b814abb1f6beb94c843f2e7878d96e9b753b88e25787268ef28e30c57ee6
Ubuntu Security Notice USN-6696-1
Posted Mar 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6696-1 - Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 8 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952
SHA-256 | 4b0662938dd8d4f3377ff21d6e5a575b539f89ee7c9b38c565dd184d1e38fed8
Ubuntu Security Notice USN-6662-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6662-1 - Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 21 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20945, CVE-2024-20952
SHA-256 | aaa047aaea8cde67a241170dbe81023fa98342d4dfece4d36d5b5774c741bb8a
Ubuntu Security Notice USN-6661-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6661-1 - Yi Yang discovered that the Hotspot component of OpenJDK 17 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 17 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952
SHA-256 | 074c45f3f5391055a9a621cd01f94fecea05dd020da0763a507bf083917efb09
Ubuntu Security Notice USN-6660-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6660-1 - Yi Yang discovered that the Hotspot component of OpenJDK 11 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 11 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952
SHA-256 | aa34f5f90f10131d0c663071adccbab36c202d5d64988d18d500f490c20b7cab
Red Hat Security Advisory 2024-0879-03
Posted Feb 20, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0879-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Issues addressed include denial of service and deserialization vulnerabilities.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-5676
SHA-256 | 21539e8ad6eb89398639a849c579977f6ef6754438fb5ff56e79d929991bbec0
Red Hat Security Advisory 2024-0866-03
Posted Feb 20, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0866-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and deserialization vulnerabilities.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-5676
SHA-256 | 30e5668077d97760ad8a3286c9da5c6bb27b9dd1179bc70d3ab81244e99ede2b
Debian Security Advisory 5613-1
Posted Feb 2, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5613-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in side channel attacks, leaking sensitive data to log files, denial of service or bypass of sandbox restrictions.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952
SHA-256 | f609441d6fb4c40057305e6428732ca7ac0e44c809f5eb956a054b02d0ed1ef4
Debian Security Advisory 5604-1
Posted Jan 24, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5604-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in side channel attacks, leaking sensitive data to log files, denial of service or bypass of sandbox restrictions.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952
SHA-256 | 25108b8a08605a9bce524bb051d237998769db2d9c500fc6fcae6a5d10cb1173
Red Hat Security Advisory 2024-0266-03
Posted Jan 19, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0266-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include code execution and out of bounds access vulnerabilities.

tags | advisory, java, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2024-20918
SHA-256 | 869a73da8c9722ac48adce66f9a947eb24c4e16b9bc19da5b0295ecdc0019ced
Red Hat Security Advisory 2024-0267-03
Posted Jan 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0267-03 - An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include code execution and out of bounds access vulnerabilities.

tags | advisory, java, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2024-20918
SHA-256 | 25472340c13cb9f4577a8912a5d95f63053995c70bd7bf78286806e9369f1664
Red Hat Security Advisory 2024-0265-03
Posted Jan 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0265-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include code execution and out of bounds access vulnerabilities.

tags | advisory, java, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2024-20918
SHA-256 | 4bad16c511dcb29dee9422cff81de79c13f07ff10c55612fca6ee2648f96535d
Red Hat Security Advisory 2024-0249-03
Posted Jan 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0249-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution and out of bounds access vulnerabilities.

tags | advisory, java, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2024-20918
SHA-256 | a6281db3e40b4796c934f9b79123fe125b43a8258bb4f9ea04c34fbc1a8e1b0b
Red Hat Security Advisory 2024-0248-03
Posted Jan 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0248-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8. Issues addressed include code execution and out of bounds access vulnerabilities.

tags | advisory, java, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2024-20918
SHA-256 | a744bc3e2917c7be87ba3de0c18a7c511146043ba0cbced3376d73d6bf7fc44a
Red Hat Security Advisory 2024-0244-03
Posted Jan 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0244-03 - An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include code execution and out of bounds access vulnerabilities.

tags | advisory, java, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2024-20918
SHA-256 | 935fbee256143bfd82db9a8b4a591a2375e21172dd0dc555118651b596d8b479
Red Hat Security Advisory 2024-0242-03
Posted Jan 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0242-03 - An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include code execution and out of bounds access vulnerabilities.

tags | advisory, java, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2024-20918
SHA-256 | ec12389cf9386f7be203b6165f0d284f13f81f09c0b38e31fe3cbcb212f5271a
Page 1 of 126
Back12345Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close