1588 matches found
OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows...
OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows...
OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated...
OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows...
PT-2021-3767
Name of the Vulnerable Software and Affected Versions Java SE versions 8u291, 11.0.11, 16.0.1 Oracle GraalVM Enterprise Edition versions 20.3.2, 21.1.0 Description The issue allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM...
PT-2021-3750
Name of the Vulnerable Software and Affected Versions Java SE versions 7u301, 8u291, 11.0.11, 16.0.1 Oracle GraalVM Enterprise Edition versions 20.3.2 and 21.1.0 Description The issue is related to insufficient input validation in the Networking component of Java SE and Oracle GraalVM Enterprise...
OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)
Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2...
UBUNTU-CVE-2021-2161
Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2...
PT-2021-2919
Name of the Vulnerable Software and Affected Versions Java SE versions 7u291, 8u281, 11.0.10, 16 Java SE Embedded version 8u281 Oracle GraalVM Enterprise Edition versions 19.3.5, 20.3.1.2, 21.0.0.2 Description The issue allows an unauthenticated attacker with network access via multiple protocols...
PT-2021-2920
Name of the Vulnerable Software and Affected Versions Java SE versions 7u291, 8u281, 11.0.10, 16 Java SE Embedded version 8u281 Oracle GraalVM Enterprise Edition versions 19.3.5, 20.3.1.2, 21.0.0.2 Description The issue allows an unauthenticated attacker with network access via multiple protocols...
OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JNDI. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
Vulnerabilities fixed in IBM MQ
An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated malicious agent to obtain sensitive information and cause the initiation of a denial-of-service DoS IBM has released updates to fix the vulnerability. More information can be found on the page...
OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Unexpected exception raised by DerInputStream (Libraries, 8237731)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols ...
OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...