312 matches found
CVE-2018-2942 vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-21-openj9, openjdk-8-openj9, openjdk-11-openj9...
CVE-2017-10111 vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-21-openj9, openjdk-8-openj9, openjdk-11-openj9...
GHSA-484P-QMQF-9W2V vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-21-openj9, openjdk-8-openj9, openjdk-11-openj9...
GHSA-39X2-J579-V2V2 vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-21-openj9, openjdk-8-openj9, openjdk-11-openj9...
CVE-2018-2639 vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-21-openj9, openjdk-8-openj9, openjdk-11-openj9...
GHSA-V7XG-GP2R-HX5F vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-21-openj9, openjdk-8-openj9, openjdk-11-openj9...
Linux Distros Unpatched Vulnerability : CVE-2020-28052
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checki...
DEBIAN-CVE-2025-8885
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files...
CVE-2025-8885
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files...
CVE-2023-28462
A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 Enterprise, 5.20.0 and newer Enterprise, and 5.2020.1 and newer Community, when Java 1.8u181 and earlier is used, allows remote attackers to load malicious code on the server once a JNDI directory scan is performed...
XML External Entity (XXE) Injection
Overview: Affected versions of this package are vulnerable to XML External Entity (XXE) Injection due to insufficient validation of XML input in crafted URL paths. An attacker can read files from the server's filesystem or perform denial-of-service attacks by supplying malicious XML content. Note:...
Linux Distros Unpatched Vulnerability : CVE-2014-1876
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The unpacker::redirectstdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; a...
OESA-2025-1226 tomcat security update
The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...
CVE-2024-56337
The fix for CVE-2024-50379 in Apache Tomcat was insufficient to mitigate the issue fully. A Time-of-check Time-of-use (TOCTOU) race condition occurs during JSP compilation on case-insensitive file systems when the default servlet is enabled for writing. This vulnerability allows an uploaded file to...
EUVD-2024-3542
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensiti...
JDK: Array indexing integer overflow (8328544)
Vulnerability in Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...
UBUNTU-CVE-2024-21210
Vulnerability in Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...
OESA-2024-1908 openjdk-11 security update
The OpenJDK runtime environment. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0....
Security Bulletin: A CVE-2023-21967 vulnerability in IBM Java Runtime affects IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow
Summary: A vulnerability exists in IBM® Runtime Environment Java™ Versions 8, which is used by the desktop version of IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow. IBM Process Designer has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2023-21967...
OpenJDK: HTTP client insufficient file name validation (8302475)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle...