CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

411 matches found

Positive Technologies•added 2026/05/06 12:0 a.m.•4 views

PT-2026-37694

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS6.7AI score0.00329EPSS

Exploits0References17

Positive Technologies•added 2026/05/06 12:0 a.m.•8 views

PT-2026-37991

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to exploit vulnerability allows unauthenticated...

3.1CVSS5.8AI score0.00238EPSS

Exploits0References8

Positive Technologies•added 2026/05/06 12:0 a.m.•7 views

PT-2026-37709

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated...

7.5CVSS5.8AI score0.00694EPSS

Exploits0References8

IBM Security Bulletins•added 2026/05/05 9:49 p.m.•5 views

Security Bulletin: IBM SPSS Statistics Java SE Vulnerability Updates

Summary Denial of service, unauthorized access and buffer size vulnerabilities have been addressed. Addresses Java CVEs: CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925, CVE-2026-1188, CVE-2025-2900 and CVE-2025-4447. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE ...

9.8CVSS7.3AI score0.00234EPSS

Exploits0Affected Software1

AstraLinux•added 2026/05/03 11:59 p.m.•13 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13...

4.8CVSS5.8AI score0.002EPSS

Exploits0References2

Tenable Nessus•added 2026/04/22 12:0 a.m.•7 views

Amazon Corretto Java 8.x < 8.492.09.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is 8 prior to 8.492.09.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2026-Apr-21 advisory. - An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions...

7.5CVSS7.3AI score0.00154EPSS

Exploits0References7

OSV•added 2026/04/21 9:16 p.m.•0 views

UBUNTU-CVE-2026-34268

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....

2.9CVSS7.3AI score0.00021EPSS

Exploits0References12

IBM Security Bulletins•added 2026/04/01 5:6 a.m.•4 views

Security Bulletin: Multiple Vulnerabilities affect IBM Tivoli Netcool Impact

Summary Multiple vulnerabilities were addressed in IBM Tivoli Netcool Impact version 7.1.0.38 Vulnerability Details CVEID:CVE-2026-29063 DESCRIPTION: Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, and 5.1.5, Prototype Pollution is possible in...

9.8CVSS7AI score0.00876EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/03/19 8:57 p.m.•3 views

Security Bulletin: Communications Server (CS) for Data Center Deployment, CS for Linux, and CS for Linux on System z are affected by: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2025 - Includes Oracle October 2025 CPU

Summary Communications Server CS for Data Center Deployment, CS for Linux, and CS for Linux on System z install a local Java JRE in its product directories. This JRE is used solely for the IBM Key Manager ikeyman tool which is called by the snakeyman script used for managing the SSL key database...

7.5CVSS5.9AI score0.00068EPSS

Exploits0Affected Software3

IBM Security Bulletins•added 2026/03/12 7:9 a.m.•3 views

Security Bulletin: IBM Security Directory Suite is affected by multiple vulnerabilities (CVE-2025-48976, CVE-2025-36047, CVE-2025-53066, CVE-2025-53057)

Summary IBM Security Directory Suite is affected by WebSphere Liberty vulnerabilities CVE‑2025‑48976, CVE‑2025‑36047 and Java vulnerabilities CVE‑2025‑53066, CVE‑2025‑53057. These vulnerabilities have been addressed with an update. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An...

7.5CVSS5.8AI score0.01278EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/03/11 6:45 p.m.•4 views

Security Bulletin: Multiple Vulnerabilities in IBM Workload Scheduler component of IBM Workload Automation

Summary Multiple vulnerabilities were addressed in IBM Workload Scheduler component of IBM Workload Automation 10.2.5 Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause no confidentiali...

3.7CVSS6.7AI score0.00449EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/03/09 9:10 a.m.•3 views

Security Bulletin: IBM Sterling Connect:Direct File Agent is vulnerable to multiple issues due to IBM Semeru Runtime 17

Summary There are vulnerabilities in IBM Semeru Runtime version 17 used by IBM Sterling Connect:Direct File Agent. IBM Sterling Connect:Direct File Agent has addressed the applicable CVEs CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925, CVE-2026-1188. Vulnerability Details...

9.8CVSS6.2AI score0.00089EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/03/02 2:44 p.m.•11 views

Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities

Summary IBM Guardium Data Security Center has addressed these vulnerabilties with an update. Vulnerability Details CVEID:CVE-2026-23490 DESCRIPTION: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malforme...

8.1CVSS6AI score0.01387EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2026/02/12 2:42 p.m.•9 views

Security Bulletin: IBM Integration Designer is vulnerable to improper access control (CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925 )

Summary Vulnerability in the IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVEs. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable...

7.5CVSS5.7AI score0.00089EPSS

Exploits0Affected Software1

Tenable Nessus•added 2026/02/05 12:0 a.m.•7 views

Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2026-1384)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1384 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE...

7.5CVSS5.7AI score0.00089EPSS

Exploits0References10

IBM Security Bulletins•added 2026/01/29 6:59 a.m.•10 views

Security Bulletin: Multiple Vulnerabilities affects IBM Data Studio Client 4.2.0

Summary Security Fix of multiple Vulnerabilities of IBM Data Studio Client 4.2.0 Vulnerability Details CVEID:CVE-2021-2163 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high...

7.8CVSS7.2AI score0.11722EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2026/01/26 10:12 a.m.•16 views

Security Bulletin: Enterprise Content Managemant System Monitor for July 2025 - multiple CVEs

Summary Enterprise Content Management System Monitor is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details...

7.8CVSS6.6AI score0.00234EPSS

Exploits0Affected Software1

Tenable Nessus•added 2026/01/13 12:0 a.m.•3 views

MiracleLinux 7 : java-11-openjdk-11.0.28.0.6-1.0.1.el7.AXS7 (AXSA:2025-10837:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10837:04 advisory. JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve scripting supports CVE-2025-30761 JDK: Impro...

8.6CVSS6.6AI score0.02123EPSS

Exploits1References6

RedhatCVE•added 2026/01/09 10:14 a.m.•4 views

CVE-2019-2699

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Windows DLL. The supported version that is affected is Java SE: 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. While the vulnerabilit...

9CVSS7.4AI score0.0109EPSS

Exploits0References1

IBM Security Bulletins•added 2025/12/04 2:43 p.m.•13 views

Security Bulletin: Multiple vulnerabilities in IBM Controller

Summary Multiple vulnerabilities were addressed in IBM Controller 11.1.2. Vulnerability Details CVEID:CVE-2024-38820 DESCRIPTION: The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase has some Locale dependent exceptions that could...

9.3CVSS8.1AI score0.39189EPSS

Exploits1Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by