Red Hat Security Advisory 2021-2047-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.7 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution and information leakage vulnerabilities.
d5ad395928e841840f7f6f06106a17d9Red Hat Security Advisory 2021-2048-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.7 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution and information leakage vulnerabilities.
6d25a455f532ae0f8b95c2829b43168eRed Hat Security Advisory 2021-2051-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.7 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution and information leakage vulnerabilities.
ff003f00b1bab9c1b08511f3bd3326f1This Metasploit module exploits an unauthenticated Java deserialization in the NetMotion Mobility server's MvcUtil.valueStringToObject() method, as invoked through the /mobility/Menu/isLoggedOn endpoint, to execute code as the SYSTEM account. Mobility server versions 11.x before 11.73 and 12.x before 12.02 are vulnerable. Tested against 12.01.09045 on Windows Server 2016.
099e5d37c98e486066b89c7cb042e100Red Hat Security Advisory 2021-1509-01 - Jetty is a 100% Java HTTP Server and Servlet Container. Issues addressed include a resource exhaustion vulnerability.
c51577078065e34bc77063a1acd2d3f7Red Hat Security Advisory 2021-1445-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
895d4ba6bc86c4c59b1111c61f54a3eeRed Hat Security Advisory 2021-1444-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
c4417b2de19a902d98cabbd1cf4dc24cRed Hat Security Advisory 2021-1447-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
41962cbb637bf1aa0dbd81efe491a535Red Hat Security Advisory 2021-1446-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
9873994b6eba2f96b3106c99305e0d75Red Hat Security Advisory 2021-1354-01 - XStream is a Java XML serialization library to serialize objects to and deserialize object from XML.
b134113f08ca89e0166303ca82d3cdfeRed Hat Security Advisory 2021-1315-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
b4131126e2246b1e20bdf82bad9359e2Red Hat Security Advisory 2021-1297-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
46cddb0b9b7fd0166e21f4f90930e50fRed Hat Security Advisory 2021-1298-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
0b371cd2109856ff8d5665f5a3a37f31Red Hat Security Advisory 2021-1307-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
08039b63369b6d5f5d219937f818f7dcRed Hat Security Advisory 2021-1306-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
f1b92a5f5e9433b28f07b4b4325eebf6Red Hat Security Advisory 2021-1299-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
389a7b86bc01ae4ddb99542b13af23c4Red Hat Security Advisory 2021-1305-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
5c48a3f2f2c7890f11d3a0027b4c8354Red Hat Security Advisory 2021-1301-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
f878d8777def1517a23f780a08c35f44Red Hat Security Advisory 2021-1202-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 12 serves as a replacement for Red Hat JBoss Web Server 3.1.11, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and null pointer vulnerabilities.
a9eb97ddf71ce9ca727565fce2c101b9Red Hat Security Advisory 2021-1203-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 12 serves as a replacement for Red Hat JBoss Web Server 3.1.11, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and null pointer vulnerabilities.
729f47d6be380b2965ef0599a9540c25Red Hat Security Advisory 2021-1195-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.
dacb6d6c13c5d9b7be6d35069dad438dRed Hat Security Advisory 2021-1196-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.
1e20b1d3fa25aae80ecbb9ca2aa74000This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz's unauthenticated SOAP endpoint /webtools/control/SOAPService for versions prior to 17.12.06.
0c60a02f29914741889c08a1688d97ffA malicious authenticated attacker could abuse some particular services exposed by the SAP JAVA Netweaver allowing them to execute commands in the underlying operating system. SAP Netweaver JAVA versions 7.30 through 7.50 are affected.
17d21dafdf0937311a146d93f842bdf8A malicious unauthenticated user could abuse the lack of authentication check on a particular web service exposed by default in SAP Netweaver JAVA stack, allowing them to fully compromise the targeted system. Affected components include SAP Netweaver JAVA versions 7.30 through 7.50 and LM CONFIGURATION WIZARD versions 7.30 SP019 Patch 0000, 7.30 SP020 Patch 0000, 7.31 SP023 Patch 0000, 7.31 SP024 Patch 0000, 7.31 SP025 Patch 0000, 7.31 SP026 Patch 0000, 7.40 SP018 Patch 0000, 7.40 SP019 Patch 0000, 7.40 SP020 Patch 0000, 7.40 SP021 Patch 0000, 7.50 SP012 Patch 0001 and lower, 7.50 SP013 Patch 0002 and lower, 7.50 SP014 Patch 0001 and lower, 7.50 SP015 Patch 0001 and lower, 7.50 SP016 Patch 0001 and lower, 7.50 SP017 Patch 0001 and lower, and 7.50 SP018 Patch 0000.
44a27772e9c136ff2e4945cc84c95395
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed