5829 matches found
CVE-2026-8643 vulnerabilities
Vulnerabilities for packages: wazuh-manager-fips, graalvm...
GHSA-WF93-45JW-7689 vulnerabilities
Vulnerabilities for packages: wazuh-manager-fips, graalvm...
CVE-2026-58138
Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...
EUVD-2026-40377
Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...
CVE-2026-58138
Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...
CVE-2026-58138
CVE-2026-58138 affects Orkes Conductor 3.21.21 up to, but not including, 3.30.2. The vulnerability arises from unsandboxed GraalVM evaluators built with HostAccess.ALL (or allowAllAccess(true)) used by INLINE, LAMBDA, DO_WHILE, and SWITCH task types, enabling an unauthenticated attacker to submit...
CVE-2026-58138 Orkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script Evaluators
Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to...
IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7277387)
The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7277387 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of...
TencentOS Server 4: java-17-konajdk (TSSA-2026:0329)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0329 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 4: java-8-konajdk (TSSA-2026:0331)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0331 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 4: java-11-konajdk (TSSA-2026:0330)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0330 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2026-22003
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged...
TencentOS Server 3: java-1.8.0-openjdk (TSSA-2026:0394)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0394 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: java-17-openjdk (TSSA-2026:0395)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0395 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: java-21-openjdk (TSSA-2026:0396)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0396 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
ROS-20260524-73-0012
A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...
ROS-20260524-73-0011
A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...
ROS-20260524-73-0008
A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...
ROS-20260524-73-0009
A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...
ROS-20260524-73-0010
A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...