CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

502 matches found

IBM Security Bulletins•added 2023/06/28 12:18 p.m.•38 views

Security Bulletin: CVE-2023-21830 and CVE-2023-21843 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced

Summary CVE-2023-21830 and CVE-2023-21843 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21830 DESCRIPTION: An unspecified vulnerability in Java SE related to the...

5.3CVSS5.1AI score0.01357EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2023/05/26 3:32 a.m.•29 views

Security Bulletin: IBM Sterling Connect:Direct Browser User Interface vulnerable to multiple issues due to IBM Runtime Environment Java

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions. Sterling Connect:Direct Browser User Interface has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21830 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization...

5.3CVSS5.6AI score0.01357EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2023/05/15 10:26 p.m.•31 views

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Monitoring.

Summary Vulnerabilities in IBM® Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring ITM components. CVEs: CVE-2023-21830, CVE-2023-21843, CVE-2022-21426 Vulnerability Details CVEID:CVE-2022-21426 DESCRIPTION: An unspecified vulnerability in Java SE related to the JA...

5.3CVSS5.7AI score0.03028EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2023/05/02 10:46 p.m.•52 views

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Java

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Java . Vulnerability Details CVEID:CVE-2022-21426 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of...

5.3CVSS5.1AI score0.03028EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2023/05/02 12:20 p.m.•44 views

Security Bulletin: IBM Spectrum Scale Transparent Cloud Tiering is affected by multiple vulnerabilities in IBM® Runtime Environment Java™

Summary Multiple vulnerabilities were disclosed as part of the Oracle October 2021 Critical Patch Update. Vulnerability Details CVEID:CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in Java SE related to the Deployment component could allow an unauthenticated attacker to take control of...

9.8CVSS9AI score0.14839EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2023/04/17 9:45 p.m.•29 views

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Monitoring.

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring ITM components. CVEs: CVE-2022-21541, CVE-2022-21540, CVE-2022-3676, CVE-2021-2163, CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619 Vulnerability Details...

6.5CVSS7.2AI score0.03566EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2023/04/14 10:39 a.m.•30 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM SDK, Java Technology Edition Quarterly CPU - Jan 2023 - Includes Oracle January 2023 CPU

Summary Vulnerabilities may affect IBM® SDK, Java™ Technology Edition. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: Jazz Foundation, IBM Engineering Workflow Management, Global Configuration Management, IBM...

5.3CVSS5.4AI score0.01357EPSS

Exploits0Affected Software1

Positive Technologies•added 2023/03/14 12:0 a.m.•4 views

PT-2023-20653 · Sap · Sap Netweaver Application Server Java

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server for Java version 7.50 Description: The Cache Management Service in SAP NetWeaver Application Server for Java does not perform authentication checks for functionalities that require user identity...

5.3CVSS5.3AI score0.00476EPSS

Exploits0References5

IBM Security Bulletins•added 2023/03/06 2:41 p.m.•37 views

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affected IBM Workflow for Bluemix January 2016 (CVE-2015-7575, CVE-2016-0466, CVE-2016-0475)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8. that is used by IBM Workflow for Bluemix. These issues were disclosed as part of the IBM® SDK, Java™ Technology Edition updates in January 2016 and include the vulnerability commonly referred to as "SLOTH"...

5.9CVSS6.2AI score0.05453EPSS

Exploits0Affected Software1

F5 Networks•added 2023/02/21 7:1 p.m.•66 views

K26555255: Multiple Java vulnerabilities CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830

Security Advisory Description CVE-2020-2781 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated...

8.3CVSS7AI score0.0623EPSS

Exploits0

F5 Networks•added 2023/02/21 6:33 p.m.•178 views

K03179547: Multiple Java vulnerabilities CVE-2021-3517, CVE-2021-3522, CVE-2021-35550, CVE-2021-35556, CVE-2021-35559

Security Advisory Description CVE-2021-3517 There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an...

8.6CVSS6.2AI score0.14839EPSS

Exploits0

F5 Networks•added 2023/02/21 5:34 p.m.•47 views

K65342329: Java vulnerabilities CVE-2016-0494, CVE-2016-0448, and CVE-2016-0402

Security Advisory Description CVE-2016-0494 Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

10CVSS6.5AI score0.07211EPSS

Exploits0

IBM Security Bulletins•added 2023/02/18 1:45 a.m.•50 views

Security Bulletin: Multiple Vulnerabilities in Java affect the IBM FlashSystem models 840 and 900

Summary There are vulnerabilities in Java to which the IBM FlashSystem™ 840 and FlashSystem 900 are susceptible CVE-2018-2783, CVE-2018-1517, CVE-2018-12539, CVE-2018-3180, and CVE-2018-12547. An exploit of CVE-2018-12547 could make the system susceptible to a buffer overflow which could allow a...

9.8CVSS9AI score0.03981EPSS

Exploits1Affected Software1

SUSE CVE•added 2023/02/15 6:3 a.m.•3 views

SUSE CVE-2009-2475

Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to 1 LayoutQueue, 2 Cursor.predefined, 3...

7.8CVSS6.7AI score0.02318EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 5:44 a.m.•7 views

SUSE CVE-2012-4681

Multiple vulnerabilities in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by 1 using com.sun.beans.finder.ClassFinder.findClass and leveraging an...

9.8CVSS7.8AI score0.98536EPSS

Exploits10References12

SUSE CVE•added 2023/02/15 5:17 a.m.•2 views

SUSE CVE-2015-4803

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911...

5CVSS6.6AI score0.05288EPSS

Exploits0References21

ATTACKERKB•added 2023/02/06 12:0 a.m.•48 views

CVE-2023-0669

Fortra formerly, HelpSystems GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2. Recent assessments: rbowes-r7 at February 06, 2023...

7.2CVSS7.3AI score0.99999EPSS

In wildExploits12References11

F5 Networks•added 2023/01/04 11:2 p.m.•62 views

K95313044: Multiple Java vulnerabilities

Security Advisory Description CVE-2013-3829 Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentialit...

10CVSS7.3AI score0.17606EPSS

Exploits0Affected Software1

OSV•added 2022/12/24 11:4 a.m.•2 views

OESA-2022-2145 openjdk-1.8.0 security update

The OpenJDK runtime environment 8. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and...

5.3CVSS7.1AI score0.03028EPSS

Exploits0References3

F5 Networks•added 2022/12/22 11:0 p.m.•52 views

K05200155: Multiple Java vulnerabilities

Security Advisory Description CVE-2015-4734 Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS. CVE-2015-4805 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60,...

10CVSS6.1AI score0.13354EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by