VYPR

rpm package

suse/java-1_8_0-ibm&distro=SUSE Linux Enterprise Server 12 SP2-BCL

pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL

Vulnerabilities (158)

  • CVE-2018-13785MedJul 9, 2018
    affected < 1.8.0_sr5.25-30.39.1fixed 1.8.0_sr5.25-30.39.1

    In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

  • CVE-2018-11212MedMay 16, 2018
    affected < 1.8.0_sr5.30-30.46.1fixed 1.8.0_sr5.30-30.46.1

    An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.

  • CVE-2018-2826HigApr 19, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successf

  • CVE-2018-2825HigApr 19, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successf

  • CVE-2018-2814HigApr 19, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netwo

  • CVE-2018-2800MedApr 19, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple

  • CVE-2018-2799MedApr 19, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated att

  • CVE-2018-2798MedApr 19, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat

  • CVE-2018-2797MedApr 19, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticat

  • CVE-2018-2796MedApr 19, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthentica

  • CVE-2018-2795MedApr 19, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthen

  • CVE-2018-2794HigApr 19, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infras

  • CVE-2018-2790LowApr 19, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with netw

  • CVE-2018-2783HigApr 19, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenti

  • CVE-2018-1417HigFeb 22, 2018
    affected < 1.8.0_sr5.15-30.33.1fixed 1.8.0_sr5.15-30.33.1

    Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.

  • CVE-2017-3736MedNov 2, 2017
    affected < 1.8.0_sr5.20-30.36.1fixed 1.8.0_sr5.20-30.36.1

    There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are n

  • CVE-2017-3732MedMay 4, 2017
    affected < 1.8.0_sr5.20-30.36.1fixed 1.8.0_sr5.20-30.36.1

    There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and

  • CVE-2016-0705CriMar 3, 2016
    affected < 1.8.0_sr5.20-30.36.1fixed 1.8.0_sr5.20-30.36.1

    Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA privat

Page 8 of 8