CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

496 matches found

Tenable Nessus•added 2025/03/31 12:0 a.m.•17 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.8.1.7)

The version of AOS installed on the remote host is prior to 6.8.1.7. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.8.1.7 advisory. - BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CVE-2019-129...

9.8CVSS7.4AI score0.36802EPSS

Exploits27References61

IBM Security Bulletins•added 2025/03/28 2:47 p.m.•14 views

Security Bulletin: JAVA related vulnerabilities in IBM SP Enterprise Resource Planning (ERP) effected the ERP product.

Summary IBM Storage Protect Enterprise Resource Planning can be affected by security flaws in JAVA. : An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality, high integrity impacts, as described in the "Vulnerability Details...

7.4CVSS6.9AI score0.00977EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/03/27 8:25 p.m.•24 views

Security Bulletin: IBM Planning Analytics is affected by vulnerabilities in IBM® Java™ Version 8, IBM® Semeru Runtime and IBM® Websphere Application Server Liberty

Summary There are vulnerabilities in IBM® Java™ Version 8 , IBM® Semeru Runtime and IBM® WebSphere Application Server Liberty used by IBM Planning Analytics and IBM Planning Analytics Workspace. Please refer to the Related Information section below for vulnerability impact. Vulnerability Details...

8.7CVSS7.5AI score0.1753EPSS

Exploits2Affected Software4

IBM Security Bulletins•added 2025/03/21 12:56 p.m.•20 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java and Node.js

Summary There are multiple vulnerabilities in Java and Node.js used by IBM Cloud Transformation Advisor CVE-2019-20916, CVE-2021-37714, CVE-2016-2175, CVE-2025-26791, CVE-2025-1470, CVE-2025-1471. Vulnerability Details CVEID:CVE-2019-20916 DESCRIPTION: pypa pip package for python could allow a...

7.8CVSS7.8AI score0.05893EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2025/03/06 9:11 p.m.•15 views

Security Bulletin: Vulnerabilities in Java affect IBM Voice Gateway

Summary Security Vulnerabilities in Java affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

5.3CVSS6.1AI score0.00303EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/03/05 2:15 p.m.•21 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2024 - Includes Oracle October 2024 CPU plus CVE-2024-10917

Summary Multiple Vulnerabilities were disclosed as part of the JAVA SE March 2025 Critical Patch Update Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

5.3CVSS5.8AI score0.00303EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/03/04 9:58 a.m.•32 views

Security Bulletin: IBM Security SOAR is using components with multiple known vulnerabilities (CVE-2024-21235, CVE-2024-21217, CVE-2024-21210, CVE-2024-21208, CVE-2024-10917)

Summary IBM Security SOAR uses an older version of Java that may be identified and exploited. An update has been released which addresses these issues. It is recommended that customers upgrade to Version 51.0.5.0 or later of IBM Security SOAR. AppHost users should upgrade to version 1.15.3.2 or...

5.3CVSS4.3AI score0.00303EPSS

Exploits0Affected Software2

Tenable Nessus•added 2025/03/04 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2018-2641

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u171, 7u161,...

6.1CVSS6.6AI score0.00162EPSS

Exploits0References3

IBM Security Bulletins•added 2025/02/27 8:38 p.m.•28 views

Security Bulletin: IBM MQ Appliance is affected by multiple Java vulnerabilities (CVE-2024-10197, CVE-2024-21208 and CVE-2024-21217)

Summary IBM MQ Appliance has addressed multiple Java vulnerabilities. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

5.3CVSS4.8AI score0.00303EPSS

Exploits1Affected Software1

Tenable Nessus•added 2025/02/25 12:0 a.m.•8 views

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2025:0675-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0675-1 advisory. Update to Java 8.0 Service Refresh 8 Fix Pack 40 bsc1236470: - CVE-2025-21502: unauthenticated attacker can obtain unauthorized read and write...

5.3CVSS6.8AI score0.00303EPSS

Exploits0References8

IBM Security Bulletins•added 2025/02/13 3:10 p.m.•32 views

Security Bulletin: Vulnerabilities in IBM Java affect IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products

Summary Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affect the product's management GUI. The Command Line Interface is unaffected. CVE-2024-21235 CVE-2024-21217 CVE-2024-21210 CVE-2024-21208 CVE-2024-10917 . Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION:...

5.3CVSS4.5AI score0.00303EPSS

Exploits0Affected Software10

IBM Security Bulletins•added 2025/02/12 2:43 a.m.•23 views

Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to IBM Java

Summary IBM Sterling Connect:Direct Web Service uses IBM Java SE. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit vulnerability allows...

5.3CVSS6.2AI score0.00883EPSS

Exploits0Affected Software1

Tenable Nessus•added 2025/02/12 12:0 a.m.•6 views

SUSE SLES15 / openSUSE 15 Security Update : java-1_8_0-openj9 (SUSE-SU-2025:0435-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0435-1 advisory. Update to OpenJDK 8u442 build 06 with OpenJ9 0.49.0 virtual machine. - CVE-2024-21235: unauthorized read/write access to data...

4.8CVSS6.7AI score0.00171EPSS

Exploits0References13

IBM Security Bulletins•added 2025/02/11 4:23 p.m.•18 views

Security Bulletin: InfoSphere Data Replication is affected by Snappy-Java vulnerabilities

Summary InfoSphere Data Replication uses Snappy-Java. This bulletin identifies the steps to take to address the vulnerability in that package. Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle...

7.5CVSS7.8AI score0.01503EPSS

Exploits2Affected Software1

Mageia•added 2025/02/07 7:45 p.m.•46 views

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerability

A difficult to exploit vulnerability allows unauthenticated attackers with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can b...

4.8CVSS6.3AI score0.002EPSS

Exploits0References5

IBM Security Bulletins•added 2025/01/27 2:30 p.m.•24 views

Security Bulletin: IBM Application Modernization Accelerator is vulnerable to multiple vulnerabilities found in Java and Node.js

Summary There are multiple vulnerabilities in Java and Node.js used by IBM Application Modernization Accelerator CVE-2024-52798, CVE-2024-21538, CVE-2024-21235, CVE-2024-21217, CVE-2024-21210, CVE-2024-21208, CVE-2024-10917, CVE-2024-47764. Vulnerability Details CVEID:CVE-2024-52798 DESCRIPTION:...

8.7CVSS6.8AI score0.00303EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2025/01/22 4:55 p.m.•15 views

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Monitoring.

Summary ulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring ITM components. CVEs: CVE-2024-21235, CVE-2024-21217, CVE-2024-21210, CVE-2024-21208 and CVE-2024-10917 Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Ja...

5.3CVSS5.8AI score0.00303EPSS

Exploits0Affected Software1

Tenable Nessus•added 2025/01/17 12:0 a.m.•9 views

SAP NetWeaver AS Java Multiple Vulnerabilities (January 2025)

SAP NetWeaver Application Server for Java is affected by multiple vulnerabilities, including the following: - SAP NetWeaver AS JAVA User Admin Application is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When ...

6.3CVSS5.2AI score0.00095EPSS

Exploits0References5

IBM Security Bulletins•added 2025/01/15 10:53 p.m.•28 views

Security Bulletin: Db2 Query Management Facility is vulnerable to IBM Semeru Runtime Quarterly CPU - Jan 2024 - Includes OpenJDK Jan 2024 CPU plus CVE-2024-22361

Summary Db2 Query Management Facility is vulnerable to IBM Semeru Runtime Quarterly CPU - Jan 2024 - Includes OpenJDK Jan 2024 CPU plus CVE-2024-22361 Vulnerability Details CVEID:CVE-2024-20932 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a...

7.5CVSS6.2AI score0.00319EPSS

Exploits0Affected Software4

IBM Security Bulletins•added 2025/01/15 5:19 p.m.•21 views

Security Bulletin: Db2 Query Management Facility is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2024 - Includes OpenJDK July 2024 CPU plus two additional CVEs

Summary Db2 Query Management Facility is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2024 - Includes OpenJDK July 2024 CPU plus two additional CVEs. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit vulnerabili...

5.3CVSS7.7AI score0.00883EPSS

Exploits0Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by