BIT-JRE-2020-2830

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl...

BIT-JAVA-MIN-2024-21085

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability...

BIT-JAVA-2024-21085

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability...

BIT-JAVA-MIN-2020-2830

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl...

PT-2026-37911

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl...

PT-2026-37796

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability...

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary Multple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and iFix Vulnerability Details CVEID:CVE-2024-30172 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by an infinite loop in the Ed25519...

Security Bulletin: Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Standard.

Summary Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Standard. Updates to IBM CICS TX Standard have been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2024-21145 DESCRIPTION: An unspecified vulnerability in Java SE related to the 2D component...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by AIX. AIX has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21145 DESCRIPTION: An unspecified vulnerability in Java SE related to the 2D component could allow a remote attacker to...

USN-7096-1 openjdk-8 vulnerabilities

Andy Boothe discovered that the Networking component of OpenJDK 8 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. CVE-2024-21208 It was discovered that the Hotspot component of OpenJDK 8 did not...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Java SDK and Runtime Environment updates in the Oracle July 2024 Critical Patch...

Security Bulletin: IBM App Connect Enterprise has multiple vulnerabilities due to IBM Semeru Runtime (CVE-2024-21131, CVE-2024-21144, CVE-2024-21145)

Summary IBM App Connect Enterprise has multiple vulnerabilities due to IBM Semeru Runtime CVE-2024-21131, CVE-2024-21144, CVE-2024-21145. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-21145 DESCRIPTION: An unspecified vulnerability...

USN-6929-1: OpenJDK 8 vulnerabilities

It was discovered that the Hotspot component of OpenJDK 8 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-21131 It was discovered that the Hotspot...

UBUNTU-CVE-2024-21144

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability...

The vulnerability of the Concurrency component in Oracle Java SE and Oracle GraalVM Enterprise Edition software platforms allows attackers to trigger service interruptions.

The vulnerability of the Concurrency component in Oracle Java SE and Oracle GraalVM Enterprise Edition software platforms is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

Oracle Java SE Security Update (Jul 2024) -1 - Windows

Oracle Java SE is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenJDK: Pack200 excessive memory allocation (8322114)

A flaw was found in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition...

The vulnerability of the AtomicReferenceArray class implementation in the Concurrency component of the Java Runtime Environment allows a malicious actor to trigger a service failure.

The vulnerability of the AtomicReferenceArray class implementation in the Java Runtime Environment concurrency component is related to errors in object type handling. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server for IBM Cloud Private VM Quickstarter

Summary There are multiple vulnerabiltities in WebSphere Application Server Liberty that is shipped with IBM WebSphere Application for IBM Cloud Private VM Quickstarter. Information disclosure in WebSphere Application Server. There is a denial of service vulnerablility in WebSphere Application...

The vulnerability of the Concurrency component in Oracle Java SE and Oracle Java SE Embedded software platforms allows a attacker to trigger a service failure.

The vulnerability of the Concurrency component in Oracle Java SE and Oracle Java SE Embedded software platforms is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...