CVE-2026-21349

creationtimestamp| type| source ---|---|--- 2026-02-11 07:26:09+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mekx34rp6f2o...

CVE-2026-21349

Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Adobe Lightroom Classic < 15.1.1 Arbitrary code execution (APSB26-06)

The version of Adobe Lightroom Classic installed on the remote Windows host is prior to 15.1.1. It is, therefore, affected by a vulnerability as referenced in the APSB26-06 advisory. - Out-of-bounds Write CWE-787 potentially leading to Arbitrary code execution CVE-2026-21349 Note that Nessus has...

Security Bulletin: Multiple vulnerabilities in multiple dependencies affect IBM MessageGateway/ MessageSight

Summary There are multiple vulnerabilities in Liberty, IBM Runtime Environment Java Version 8.0, Dojo and OpenSSL used by IBM MessageGateway/ MessageSight Vulnerability Details CVEID:CVE-2022-21365 DESCRIPTION: An unspecified vulnerability in Java SE related to the ImageIO component could allow a...

CVE-2024-21349

creationtimestamp| type| source ---|---|--- 2024-02-13 20:06:55+00:00| seen| https://t.me/ctinow/184117 2025-05-09 18:26:10+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15799...

CVE-2024-21349

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability...

CVE-2024-21349 Microsoft ActiveX Data Objects Remote Code Execution Vulnerability

...

CVE-2024-21349

Technical details for CVE-2024-21349 (Microsoft ActiveX Data Objects remote code execution) are not provided in the connected documents; no affected versions, root cause, impact, or remediation are cited. Monitor for updates.

KLA63958 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges, spoof user interface, bypass security restrictions. Below is a complete list of...

CVE-2023-21349

In Package Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-21349

In CVE-2023-21349, the Android Package Manager exposes a side-channel to determine whether an app is installed without query permissions, enabling local information disclosure with no privileges required and no user interaction. Multiple connected sources (NVD entry and Red Hat/CVE pages, CNVD, a...

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands are vulnerable to denial of service due to [CVE-2022-21349]

Summary Java is used by IBM App Connect Enterprise Certified Container IntegrationServers. IBM App Connect Enterprise Certified Container IntegrationServer operands are vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability in Java...

K40293611: Oracle Java SE vulnerability CVE-2022-21349

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerabili...

SUSE CVE-2022-21349

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated...

Security Bulletin: Multiple vulnerabilities have been identified in IBM Java 8 shipped with IBM® Intelligent Operations Center (CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-20)

Summary Multiple vulnerabilities have been identified in Oracle January 2022 CPU for Java 8 which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs...

Fixed 50 CVEs in java-1.7.0-openjdk

Bump to 2.6.28 and OpenJDK 7u351-b01. - Security fixes in 7u351: - CVE-2022-21540: Improve class compilation JDK-8281859 - CVE-2022-21541: Enhance MethodHandle invocations JDK-8281866 - CVE-2022-34169: Improve Xalan supports JDK-8285407 - Security fixes in 7u341: - CVE-2022-21426: Better XPath...

Security Bulletin: IBM Rational Build Forge is vulnerable to unspecified vulnerabilities due to the use of IBM Java.

Summary IBM Java is used by IBM Rational Build Forge. Multple vulnerabilities have been identified CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21294, CVE-2022-21293, CVE-2022-21291, and CVE-2022-21248. These vulnerabiltiies have been...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-21365 DESCRIPTION: An unspecified vulnerability in Java SE related to th...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Business Service Manager. IBM Tivoli Business Service Manager has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-21365 DESCRIPTION: An unspecified vulnerability in...

Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to IBM Java

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions. IBM Sterling Connect:Direct Web Service has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-21365 DESCRIPTION: An unspecified vulnerability in Java SE related to the ImageIO component could...