Lucene search

550 matches found

Tenable Nessus
added 2026/01/09 12:0 a.m., 4 views

Siemens Ruggedcom ROX NULL Pointer Dereference (CVE-2021-35578)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker...

CVSS 5.3 | AI score 6.3 | EPSS 0.00144
Exploits: 0 | References: 3
Tenable Nessus
added 2026/01/02 12:0 a.m., 2 views

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7256003)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7256003 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of...

CVSS 7.5 | AI score 7.4 | EPSS 0.00068
Exploits: 0 | References: 3
Tenable Nessus
added 2025/11/20 12:0 a.m., 5 views

TencentOS Server 4: java-21-konajdk (TSSA-2025:0409)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0409 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 7.4 | AI score 6.6 | EPSS 0.00182
Exploits: 0 | References: 4
IBM Security Bulletins
added 2025/10/07 6:56 p.m., 6 views

Security Bulletin: Several Security Vulnerabilities have been discovered in IBM Security Verify Directory Appliance

Summary: Security vulnerabilities have been addressed in IBM Security Verify Directory Appliance. Vulnerability Details: CVEID: CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and hig...

CVSS 8.1 | AI score 7.4 | EPSS 0.70761
Exploits: 0 | Affected Software: 1
Redos
added 2025/09/08 12:0 a.m., 1 views

ROS-20250908-06

A vulnerability in Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect input data validation in the 2D component of Oracle GraalVM. Oracle Java SE platform is related to incorrect input data validation in...

CVSS 5.6 | AI score 6.1 | EPSS 0.00137
Exploits: 0
IBM Security Bulletins
added 2025/09/01 2:51 p.m., 4 views

Security Bulletin: An unspecified vulnerability in Java SE related to the Server, which affects IBM watsonx.data

Summary: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high integrity impact. These can affect watsonx.data. Vulnerability Details: CVEID: CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java S...

CVSS 7.4 | AI score 6.3 | EPSS 0.00182
Exploits: 0 | Affected Software: 1
Tenable Nessus
added 2025/08/26 12:0 a.m., 2 views

Solaris 10 (sparc): 153339-61

SunOS 5.10: JavaSE 8: update 461 patch equivalent to JDK 8u461, 64bit. Date this patch was last updated by Sun : Jul/14/25 %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid255257;...

AI score 7
Exploits: 0 | References: 1
Github Security Blog
added 2025/08/22 9:30 a.m., 5 views

Bouncy Castle for Java has Uncontrolled Resource Consumption Vulnerability

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java. This issue affects Bouncy...

CVSS 5.9 | AI score 7.2 | EPSS 0.00037
Exploits: 0 | References: 3 | Affected Software: 2
Tenable Nessus
added 2025/08/19 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2018-3209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE component of Oracle Java SE subcomponent: JavaFX. The supported version that is affected is Java SE: 8u182. Difficult to exploit...

CVSS 8.3 | AI score 6.3 | EPSS 0.01242
Exploits: 0 | References: 2
Chainguard
added 2025/08/14 1:17 p.m., 5 views

CVE-2019-2983 vulnerabilities

Vulnerabilities for packages: openjdk-11-openj9, openjdk-8-openj9, openjdk-17-openj9, openjdk-21-openj9, openjdk...

CVSS 4.3 | AI score 6.8 | EPSS 0.00476
Exploits: 0
RedHat Linux
added 2025/07/21 9:7 a.m., 3 views

openjdk: Improve HTTP client header handling (Oracle CPU 2025-07)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1...

CVSS 8.6 | AI score 6.9 | EPSS 0.00516
Exploits: 0 | References: 5
Amazon
added 2025/06/23 12:0 a.m., 3 views

Important: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6...

CVSS 7.4 | AI score 7.1 | EPSS 0.00182
Exploits: 0
RedhatCVE
added 2025/05/22 9:1 p.m., 3 views

CVE-2021-2302

Vulnerability in the Oracle Platform Security for Java product of Oracle Fusion Middleware component: OPSS. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVSS 9.8 | AI score 7.1 | EPSS 0.52528
Exploits: 1 | References: 1
Amazon
added 2025/05/13 12:0 a.m., 3 views

Important: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6...

CVSS 7.4 | AI score 6.7 | EPSS 0.00182
Exploits: 0
CNNVD
added 2025/05/10 12:0 a.m., 2 views

JAdmin Code Injection Vulnerability

JAdmin is an open-source, Java-based rapid development platform from JAdmin-JAVA. JAdmin version 1.0 has a code injection vulnerability that stems from handling of the ID parameter in the file /memoAjax/save, which leads to cross-site scripting...

CVSS 5.4 | AI score 4.8 | EPSS 0.00162
Exploits: 1 | References: 6
CNNVD
added 2025/05/09 12:0 a.m., 2 views

JAdmin Authorization Issue Vulnerability

JAdmin is an open-source, Java-based rapid development platform from JAdmin-JAVA. JAdmin version 1.0 has an authorization issue vulnerability that stems from improper authentication in the toLogin function of the file NoNeedLoginController.java in the Admin Backend component...

CVSS 9.8 | AI score 7.5 | EPSS 0.00803
Exploits: 1 | References: 2
CNNVD
added 2025/02/07 12:0 a.m., 3 views

JeecgBoot Security Vulnerability

JeecgBoot is a Java low-code platform for enterprise web applications from China National Torch Jeecg. JeecgBoot version v.3.7.2 contains a security vulnerability: a SQL injection that allows remote attackers to obtain sensitive information vi...

CVSS 7.5 | AI score 7.3 | EPSS 0.00341
Exploits: 1 | References: 1
OSV
added 2024/12/19 6:31 p.m., 1 views

GHSA-6V67-2WR5-GVF4 QOS.CH logback-core Server-Side Request Forgery vulnerability

Server-Side Request Forgery (SSRF) in SaxEventRecorder by QOS.CH logback version 1.5.12 on the Java platform allows an attacker to forge requests by compromising logback configuration files in XML. The attack involves the modification of the DOCTYPE declaration in XML configuration files...

CVSS 2.4 | AI score 6.8 | EPSS 0.00064
Exploits: 0 | References: 5
OSV
added 2024/12/19 5:15 p.m., 2 views

DEBIAN-CVE-2024-12801

Server-Side Request Forgery (SSRF) in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 on the Java platform allows an attacker to forge requests by compromising logback configuration files in XML. The attack involves the modification of the DOCTYPE declaration in XML...

CVSS 2.4 | AI score 6.3 | EPSS 0.00064
Exploits: 0 | References: 1
OSV
added 2024/12/19 5:15 p.m., 0 views

UBUNTU-CVE-2024-12801

Server-Side Request Forgery (SSRF) in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 on the Java platform allows an attacker to forge requests by compromising logback configuration files in XML. The attack involves the modification of the DOCTYPE declaration in XML...

CVSS 2.4 | AI score 6.8 | EPSS 0.00064
Exploits: 0 | References: 3