Azul Zulu Java Multiple Vulnerabilities (2025-04-15)

The version of Azul Zulu installed on the remote host is 6 prior to 6.71.0.16 / 7 prior to 7.77.0.14 / 8 prior to 8.85.0.22 / 11 prior to 11.79.20 / 11 prior to 11.79.18 / 17 prior to 17.57.20 / 17 prior to 17.57.18 / 21 prior to 21.41.18 / 24 prior to 24.30.13 / 24 prior to 24.30.12. It is,...

Amazon Corretto Java 11.x < 11.0.27.6.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is 11 prior to 11.0.27.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2025-Apr-15 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...

KLA82698 Multiple vulnerabilities in Oracle Java

Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Information disclosure vulnerability in JSSE can be exploited to...

Advisory ROSA-SA-2025-2789

Software: java-11-openjdk 11.0.25.0.9 OS: rosa-server79 packageevrstring: java-11-openjdk-11.0.25.0.9-1.0.1.res7 CVE-ID: CVE-2024-21208 BDU-ID: 2024-11501 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Diagnostics components of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM f...

Security Bulletin: Multiple Java Vulnerabilities in IBM Event Streams

Summary Multiple Java SE vulnerabilities were addressed in IBM Event Streams version 11.5.1. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.8.1.7)

The version of AOS installed on the remote host is prior to 6.8.1.7. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.8.1.7 advisory. - BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CVE-2019-129...

Security Bulletin: JAVA related vulnerabilities in IBM SP Enterprise Resource Planning (ERP) effected the ERP product.

Summary IBM Storage Protect Enterprise Resource Planning can be affected by security flaws in JAVA. : An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality, high integrity impacts, as described in the "Vulnerability Details...

Security Bulletin: IBM Planning Analytics is affected by vulnerabilities in IBM® Java™ Version 8, IBM® Semeru Runtime and IBM® Websphere Application Server Liberty

Summary There are vulnerabilities in IBM® Java™ Version 8 , IBM® Semeru Runtime and IBM® WebSphere Application Server Liberty used by IBM Planning Analytics and IBM Planning Analytics Workspace. Please refer to the Related Information section below for vulnerability impact. Vulnerability Details...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java and Node.js

Summary There are multiple vulnerabilities in Java and Node.js used by IBM Cloud Transformation Advisor CVE-2019-20916, CVE-2021-37714, CVE-2016-2175, CVE-2025-26791, CVE-2025-1470, CVE-2025-1471. Vulnerability Details CVEID:CVE-2019-20916 DESCRIPTION: pypa pip package for python could allow a...

Security Bulletin: Vulnerabilities in Java affect IBM Voice Gateway

Summary Security Vulnerabilities in Java affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2024 - Includes Oracle October 2024 CPU plus CVE-2024-10917

Summary Multiple Vulnerabilities were disclosed as part of the JAVA SE March 2025 Critical Patch Update Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

Security Bulletin: IBM Security SOAR is using components with multiple known vulnerabilities (CVE-2024-21235, CVE-2024-21217, CVE-2024-21210, CVE-2024-21208, CVE-2024-10917)

Summary IBM Security SOAR uses an older version of Java that may be identified and exploited. An update has been released which addresses these issues. It is recommended that customers upgrade to Version 51.0.5.0 or later of IBM Security SOAR. AppHost users should upgrade to version 1.15.3.2 or...

Linux Distros Unpatched Vulnerability : CVE-2018-2641

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u171, 7u161,...

Security Bulletin: IBM MQ Appliance is affected by multiple Java vulnerabilities (CVE-2024-10197, CVE-2024-21208 and CVE-2024-21217)

Summary IBM MQ Appliance has addressed multiple Java vulnerabilities. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2025:0675-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0675-1 advisory. Update to Java 8.0 Service Refresh 8 Fix Pack 40 bsc1236470: - CVE-2025-21502: unauthenticated attacker can obtain unauthorized read and write...

Security Bulletin: Vulnerabilities in IBM Java affect IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products

Summary Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affect the product's management GUI. The Command Line Interface is unaffected. CVE-2024-21235 CVE-2024-21217 CVE-2024-21210 CVE-2024-21208 CVE-2024-10917 . Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION:...

Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to IBM Java

Summary IBM Sterling Connect:Direct Web Service uses IBM Java SE. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit vulnerability allows...

SUSE SLES15 / openSUSE 15 Security Update : java-1_8_0-openj9 (SUSE-SU-2025:0435-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0435-1 advisory. Update to OpenJDK 8u442 build 06 with OpenJ9 0.49.0 virtual machine. - CVE-2024-21235: unauthorized read/write access to data...

Security Bulletin: InfoSphere Data Replication is affected by Snappy-Java vulnerabilities

Summary InfoSphere Data Replication uses Snappy-Java. This bulletin identifies the steps to take to address the vulnerability in that package. Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle...

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerability

A difficult to exploit vulnerability allows unauthenticated attackers with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can b...