command-injection-payload-list

It is an offensive tool for web application security. The primary CVE ID is not explicitly mentioned, but the description pertains to OS command injection vulnerabilities. The target product/service is web applications, and the vulnerability class/vector is OS command injection. Notable...

[SECURITY] Fedora 41 Update: java-25-openjdk-25.0.0.0.32-0.1.ea.fc41

The OpenJDK 25 runtime environment...

[SECURITY] Fedora 41 Update: java-latest-openjdk-24.0.2.0.12-1.rolling.fc41

The OpenJDK 24 runtime environment...

Security Bulletin: Update JRE for Older Versions of IBM SPSS Statistics

Summary Vulnerabilities related to encryption were found in older versions of the Java Runtime Environment JRE. This Interim Fix addresses those problems. The IF applies to all applicable Java SE CVEs published by Oracle as part of their April 2025 Critical Patch Update plus CVE-2025-4447...

Security Bulletin: Update JRE for Older Versions of IBM SPSS Statistics

Summary Vulnerabilities related to encryption were found in older versions of the Java Runtime Environment JRE. This Interim Fix addresses those problems. The IF applies to all applicable Java SE CVEs published by Oracle as part of their April 2025 Critical Patch Update plus CVE-2025-4447...

Important: Red Hat Security Advisory: OpenJDK 21.0.8 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

Important: Red Hat Security Advisory: OpenJDK 21.0.8 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

Important: Red Hat Security Advisory: OpenJDK 17.0.16 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Imporant. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus

Summary Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus have been addressed. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows...

Security Bulletin: Vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus. (CVE-2025-1470, CVE-2025-1471)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus running on Linux on IBM Z Systems. Vulnerability Details CVEID:CVE-2025-1470 DESCRIPTION: In Eclipse OMR, from the initial contribution to version 0.4.0, some O...

Security Bulletin: Multiple vulnerabilities affect CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition.

Summary Java Runtime Environments and IBM Semeru Runtimes are used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition have been updated in order to address the multip...

RHEL 10 / 8 / 9 : java-21-openjdk (RHSA-2025:10873)

The remote Redhat Enterprise Linux 10 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10873 advisory. The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security...

ALSA-2025:10867 Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve HTTP client header handling CVE-2025-50059 JDK:...

Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve HTTP client header handling CVE-2025-50059 JDK:...

Security Bulletin: Multiple Security Vulnerabilities were found in IBM Java Runtime as shipped with IBM Security Verify Access and IBM Verify Identity Access

Summary Multiple Security Vulnerabilities found in IBM Java Runtime as shipped with IBM Security Verify Access and IBM Verify Identity Access have been addressed. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component...

Security Bulletin: IBM DataPower Gateway affected by issues in Java Runtime

Summary IBM DataPower Gateway does not itself use Java, but certain bundled integrations do e.g. JDBC, IMS Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiali...

Security Bulletin: IBM Sterling Connect:Direct File Agent is vulnerable to multiple issues due to IBM Runtime Environment Java Technology Edition

Summary IBM Sterling Connect:Direct File Agent uses IBM Runtime Environment Java Technology Edition, Version 7 and 8. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related ...

Security Bulletin: IBM MQ is affected by multiple vulnerabilities in the IBM Runtime Environment, Java Technology Edition (CVE-2025-21587, CVE-2025-30698, CVE-2025-4447)

Summary Multiple issues were identified with IBM Runtime Environment, Java Technology Edition which is shipped with IBM MQ Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause hi...

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM Installation Manager and IBM Packaging Utility (CVE-2025-21587)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 11 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecifie...

Security Bulletin: Multiple CVEs - Vulnerabilities in IBM Java Runtime affect IBM Integration Designer

Summary Vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVEs. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component cou...