CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1993 matches found

Cvelist•added 2024/10/03 10:23 a.m.•31 views

CVE-2024-47561 Apache Avro Java SDK: Arbitrary Code Execution when reading Avro schema (Java SDK)

Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code. Users are recommended to upgrade to version 1.11.4 or 1.12.0, which fix this issue...

9.2CVSS0.00674EPSS

Exploits0References1

IBM Security Bulletins•added 2024/09/19 10:16 a.m.•26 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional

Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in July 2024, App Connect Professional has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21147...

7.4CVSS5.8AI score0.00977EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/09/17 8:19 p.m.•24 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: A...

7.4CVSS5.9AI score0.00977EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/09/17 9:0 a.m.•19 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool. These issues were disclosed as part of the IBM Java SDK updates in Jul 2024. Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified vulnerability in Java SE...

7.4CVSS6AI score0.00977EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/09/14 4:9 a.m.•20 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK (July 2024) affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in July 2024. Vulnerability Details CVEID:CVE-2024-21131 DESCRIPTION: An unspecified...

5.9CVSS6.1AI score0.00442EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/09/11 7:34 a.m.•26 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional

Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in April 2024, App Connect Professional has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21094...

7.5CVSS5.8AI score0.00417EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/08/14 2:18 p.m.•47 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to July 2024 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVEs listed in this document might affect some configurations of IBM WebSphere Application Server traditiona...

7.4CVSS6.7AI score0.00977EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/08/06 9:35 p.m.•22 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Db2 (October 2023 CPU)

Summary If you use IBM® Db2® as your database in your IBM Datacap deployment, please follow the Db2 security bulletin referred here to remedy the vulnerabilities. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could...

5.9CVSS5.9AI score0.00098EPSS

Exploits0Affected Software1

OSV•added 2024/08/02 11:8 a.m.•2 views

OESA-2024-1917 avro security update

Apache Avro is a data serialization system. Security Fixes: When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up...

7.5CVSS6.9AI score0.00072EPSS

Exploits0References2

OSV•added 2024/08/02 11:8 a.m.•1 views

OESA-2024-1916 avro security update

7.5CVSS6.9AI score0.00072EPSS

Exploits0References2

IBM Security Bulletins•added 2024/08/01 10:46 a.m.•35 views

Security Bulletin: Multiple Vulnerabilities in IBM® SDK, Java™ Technology Java affect IBM Cloud Pak System

Summary Vulnerabilities in IBM Java SDK affect IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high...

9.1CVSS8.2AI score0.02108EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2024/07/31 10:10 p.m.•36 views

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect Cloud Pak System (CVE-2023-21830, 2023-21843)

Summary Vulnerabilities in IBM Java SDK affect Cloud Pak System. IBM Cloud Pak System has addressed vulnerabilities Vulnerability Details CVEID:CVE-2023-21830 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization component could allow a remote attacker to cause a denia...

5.3CVSS5.1AI score0.00135EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/07/25 2:41 p.m.•26 views

Security Bulletin: Vulnerability in Java affects Tivoli System Automation for Multiplatforms shipped with IBM® Db2® LUW. (CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850)

Summary Security vulnerabilities have been identified in Java that affect Tivoli System Automation for Multiplatforms TSAMP shipped as a component of IBM Db2. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions TSAMP include...

7.5CVSS7AI score0.00057EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/07/17 1:4 p.m.•27 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Storage Scale packaged in Elastic Storage Server

Summary There are multiple vulnerabilities in Java™ Technology Edition used by the Elastic Storage Server. Fixes for all these vulnerabilities are available. CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945. Vulnerability Details CVEID:CVE-2024-20952...

7.4CVSS6.8AI score0.00319EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/07/15 8:1 p.m.•20 views

Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to IBM Java SDK (Tech Edition) vulnerabilities

Summary IBM Sterling Partner Engagement Manager 6.2.3.1, 6.1.2.10, and 6.2.0.8 address IBM Java SDK Tech Edition CPU vulnerabilities attached to this Security Bulletin. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component coul...

3.7CVSS4.8AI score0.00141EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/07/04 7:29 a.m.•26 views

Security Bulletin: IBM Instana Observability is vulnerable to Improper Input Validation due to Apache Avro Java SDK

Summary Vulnerability in Apache Avro Java SDK was remediated in IBM Observability with Instana Build 275. CVE-2023-39410 Vulnerability Details CVEID:CVE-2023-39410 DESCRIPTION: Apache Avro Java SDK could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an...

7.5CVSS8.4AI score0.00072EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/07/01 5:20 p.m.•51 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the...

7.5CVSS4.9AI score0.00417EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/06/24 10:4 p.m.•37 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by AIX. AIX has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21085 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to...

7.5CVSS5.9AI score0.00199EPSS

Exploits0Affected Software2

IBM AIX•added 2024/06/24 3:10 p.m.•38 views

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Mon Jun 24 15:10:30 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/javajun2024advisory.asc Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX...

7.5CVSS4.6AI score0.00199EPSS

Exploits0

IBM Security Bulletins•added 2024/06/17 2:45 p.m.•26 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a denial of service due to IBM Java SDK (CVE-2024-38264)

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a denial of service due to IBM Java SDK, Java Technology Edition. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-38264 DESCRIPTION: The IBM SDK, Jav...

7.5CVSS5.8AI score0.00222EPSS

Exploits0Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by