exploit the possibilities
Showing 1 - 25 of 2,364 RSS Feed

Java Files

Red Hat Security Advisory 2019-1712-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1712-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 7 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-0739, CVE-2019-0232
MD5 | b873acd280d331eebb5b9a89a00a2f19
Red Hat Security Advisory 2019-1711-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1711-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 7 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, java, web, denial of service
systems | linux, redhat
advisories | CVE-2018-0739
MD5 | 2a275448735516008619b561fd01c504
Cisco Prime Infrastructure Health Monitor TarArchive Directory Traversal
Posted Jun 19, 2019
Authored by mr_me, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in Cisco Prime Infrastructure. The issue is that the TarArchive Java class the HA Health Monitor component uses does not check for any directory traversals while unpacking a Tar file, which can be abused by a remote user to leverage the UploadServlet class to upload a JSP payload to the Apache Tomcat's web apps directory, and gain arbitrary remote code execution. Note that authentication is not required to exploit this vulnerability.

tags | exploit, java, remote, web, arbitrary, code execution
systems | cisco
advisories | CVE-2019-1821
MD5 | 6a669bb3bf795d44702236698b246f05
Red Hat Security Advisory 2019-1518-01
Posted Jun 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1518-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Multiple security issues have been addressed.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-2602, CVE-2019-2684
MD5 | 5a76bd0aa1541ee42bdef3cc1ba8eb00
Java Card Proof Of Concepts
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations has discovered multiple security vulnerabilities in the reference implementation of Java Card technology from Oracle used in financial, government, transportation and telecommunication sectors among others. As for the impact, the vulnerabilities found make it possible to break memory safety of the underlying Java Card VM. As a result, full access to smartcard memory could be achieved, applet firewall could be broken or native code execution could be gained. This archive contains the proof of concept code that demonstrates these vulnerabilities which were originally made public in March of 2019.

tags | exploit, java, vulnerability, code execution, proof of concept
MD5 | 2c80166b698e465440e3bf6ffd7c105e
Gemalto Java Card SE-2019-01 Issue 34
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the second of two extensive reports sent to Gemalto by Security Explorations to document vulnerabilities found in Java Card. Issue 34 is documented in this report.

tags | advisory, java, vulnerability
MD5 | d9d4dd88017b5a8c8de37bb6f8efe69a
Gemalto Java Card SE-2019-01 Issues 19 And 33
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the first of two extensive reports sent to Gemalto by Security Explorations to document vulnerabilities found in Java Card. Issues 19 and 33 are in this report.

tags | advisory, java, vulnerability
MD5 | 6889db3914a3b0be2c76961d2f95e557
Oracle Java Card SE-2019-01 Issues 26-32
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the third of three extensive reports sent to Oracle by Security Explorations to document vulnerabilities found in Java Card. Issues 26 through 32 are in this report.

tags | advisory, java, vulnerability
MD5 | a6ad3d9330327f5a7808f847610eba22
Oracle Java Card SE-2019-01 Issues 20-25
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the second of three extensive reports sent to Oracle by Security Explorations to document vulnerabilities found in Java Card. Issues 20 through 25 are in this report.

tags | advisory, java, vulnerability
MD5 | 4c3b6b313f3d71091e91a41f644cac99
Oracle Java Card SE-2019-01 Issues 1-18
Posted Jun 14, 2019
Authored by Adam Gowdiak | Site security-explorations.com

This is the first of three extensive reports sent to Oracle by Security Explorations to document vulnerabilities found in Java Card. Issues 1 through 18 are in this report.

tags | advisory, java, vulnerability
MD5 | fd85979e79e3b9f2c88dca6478a9c0fd
LDAP Swiss Army Knife
Posted Jun 12, 2019
Authored by Moritz Bechler | Site github.com

This paper presents the "LDAP Swiss Army Knife", an easy to use LDAP server implementation built for penetration oder software testing. Apart from general usage as a server or proxy it also shows some specific attacks against Java/JNDI based LDAP clients.

tags | paper, java
MD5 | a5b08197ac7d25c91698564ff5769d7b
Red Hat Security Advisory 2019-1421-01
Posted Jun 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1421-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.2.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.1, and includes bug fixes and enhancements. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2019-3872, CVE-2019-3873, CVE-2019-3888
MD5 | cb471b220e3570ce2cae8a50ef8c3674
Red Hat Security Advisory 2019-1424-01
Posted Jun 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1424-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.2.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.1, and includes bug fixes and enhancements. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2019-3872, CVE-2019-3873, CVE-2019-3888
MD5 | 60beab3c48d06b76bfa246bb2312ad47
Red Hat Security Advisory 2019-1419-01
Posted Jun 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1419-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.2.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.1, and includes bug fixes and enhancements. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2019-3872, CVE-2019-3873, CVE-2019-3888
MD5 | 481dcc3410b67f560f7c656ae215407a
Red Hat Security Advisory 2019-1420-01
Posted Jun 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1420-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.2.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.1, and includes bug fixes and enhancements. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2019-3872, CVE-2019-3873, CVE-2019-3888
MD5 | d0732c28ffa688b57dbcfa6d386076dc
Red Hat Security Advisory 2019-1325-01
Posted Jun 4, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1325-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP35.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-10245, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | 8a4d2fa7f43eede50e943a37e4c9c1b3
Debian Security Advisory 4453-1
Posted May 30, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4453-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service or sandbox bypass.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2019-2602, CVE-2019-2684, CVE-2019-2698
MD5 | 39c6985d2cf9c8e5184112ce198a5ec6
Oracle Application Testing Suite WebLogic Server Administration Console War Deployment
Posted May 24, 2019
Authored by mr_me, sinn3r | Site metasploit.com

This Metasploit module abuses a feature in WebLogic Server's Administration Console to install a malicious Java application in order to gain remote code execution. Authentication is required, however by default, Oracle ships with a "oats" account that you could log in with, which grants you administrator access.

tags | exploit, java, remote, code execution
advisories | CVE-2007-2699
MD5 | 9a7a35420a7e1068748a47c0e1281e01
Debian Security Advisory 4452-1
Posted May 24, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4452-1 - Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code.

tags | advisory, java, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2018-11307, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2019-12086
MD5 | 78383c177773161d5c52cb51063d681c
Red Hat Security Advisory 2019-1238-01
Posted May 16, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1238-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP35. Issues addressed include a buffer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2018-11212, CVE-2018-12547, CVE-2018-12549, CVE-2019-10245, CVE-2019-2422, CVE-2019-2449, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | d5028cbb41b3175a261cef09bfd409cc
Red Hat Security Advisory 2019-1165-01
Posted May 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1165-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP45. Issues addressed include an out of bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-10245, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | be0604545320990fe2f8bad984f739d7
Red Hat Security Advisory 2019-1163-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1163-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP35. Issues addressed include an out-of-bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-10245, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | 98dca04cc657a5c583a29536822e99d0
Red Hat Security Advisory 2019-1166-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1166-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP45. Issues addressed include an out-of-bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-10245, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | e5b9cdccb42ed1143691e65fc18c58e7
Red Hat Security Advisory 2019-1164-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1164-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP35. Issues addressed include an out-of-bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-10245, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | 8fe0274eb472dc9f790249da621a96ef
Ubuntu Security Notice USN-3975-1
Posted May 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3975-1 - It was discovered that the BigDecimal implementation in OpenJDK performed excessive computation when given certain values. An attacker could use this to cause a denial of service. Corwin de Boor and Robert Xiao discovered that the RMI registry implementation in OpenJDK did not properly select the correct skeleton class in some situations. An attacker could use this to possibly escape Java sandbox restrictions. Various other issues were also addressed.

tags | advisory, java, denial of service, registry
systems | linux, ubuntu
advisories | CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | 521a7981d1b62cfdfcb3e98017ad5165
Page 1 of 95
Back12345Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close