Lucene search
844 matches found

IBM Security Bulletins
added 2026/02/02 12:5 p.m., 7 views

Security Bulletin: There is a vulnerability in lz4-java-1.7.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-12183)

Summary There is a vulnerability in lz4-java-1.7.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of...

CVSS 8.8, AI score 5.5, EPSS 0.00103
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2026/01/30 5:46 a.m., 7 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses lz4-java-1.8.0.jar which is vulnerable to CVE-2025-12183, CVE-2025-66566.

Summary IBM Maximo Application Suite - Monitor Component uses lz4-java-1.8.0.jar which is vulnerable to CVE-2025-12183, CVE-2025-66566. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-66566 DESCRIPTION: yawkat LZ4 Java provides...

CVSS 8.8, AI score 6, EPSS 0.00103
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2026/01/22 8:57 p.m., 7 views

Security Bulletin: IBM Sterling Connect:Direct for Unix is vulnerable due to IBM Runtime Environment Java Technology Edition Version 8

Summary IBM Java 8 is used by IBM Sterling Connect:Direct for UNIX in product configuration and data transmission. IBM Sterling Connect:Direct for UNIX is impacted by vulnerabilities in IBM Java 8. IBM Sterling Connect:Direct for UNIX has upgraded IBM Java 8 to address the issues. Vulnerability...

CVSS 7.5, AI score 5.7, EPSS 0.00068
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2026/01/19 10:45 a.m., 5 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle January 2026 Critical Patch Update. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impac...

CVSS 7.5, AI score 6.9, EPSS 0.00068
Exploits: 0, Affected Software: 2

Tenable Nessus
added 2026/01/13 12:0 a.m., 3 views

Amazon S3 Encryption Client for Java < 4.0.0 Key Commitment (AWS-2025-032)

The version of Amazon S3 Encryption Client for Java on the remote host is 4.0.0. It is, therefore, affected by a key commitment vulnerability as referenced in the AWS-2025-032 advisory. Missing cryptographic key commitment in the Amazon S3 Encryption Client for Java may allow a user with write...

CVSS 6, AI score 5.6, EPSS 0.00012
Exploits: 0, References: 2

RedhatCVE
added 2026/01/09 11:38 a.m., 7 views

CVE-2003-1134

Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service JVM crash, possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception...

CVSS 2.1, AI score 6.8, EPSS 0.00336
Exploits: 1, References: 1

RedhatCVE
added 2026/01/09 10:49 a.m., 7 views

CVE-2022-37936

Unauthenticated Java deserialization vulnerability in Serviceguard Manager...

CVSS 9.8, AI score 7, EPSS 0.01622
Exploits: 0, References: 1

RedHat Linux
added 2026/01/06 1:22 p.m., 4 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.27.1.SP1 security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

CVSS 8.8, AI score 6.6, EPSS 0.00103
Exploits: 1, References: 4

RedHat Linux
added 2026/01/06 1:12 p.m., 6 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.20.4.SP1 security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

CVSS 8.8, AI score 6.6, EPSS 0.00103
Exploits: 1, References: 4

IBM Security Bulletins
added 2025/12/30 1:30 p.m., 4 views

Security Bulletin: Multiple Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects WebSphere eXtreme Scale

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8 used by WebSphere eXtreme Scale. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high...

CVSS 7.5, AI score 6.5, EPSS 0.00068
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/12/16 3:10 p.m., 4 views

Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities.

Summary There are vulnerabilities in IBM® Java™, IBM® Semeru Runtime and Open-Source Software OSS components used by IBM Cognos Dashboards on Cloud Pak for Data. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Any project that parses untrusted Protocol Buffers data containing an arbitrary...

CVSS 8.7, AI score 7, EPSS 0.00559
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/12/16 6:45 a.m., 4 views

Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (December 2025)

Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling...

CVSS 8.8, AI score 7.2, EPSS 0.00092
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/12/11 3:30 p.m., 8 views

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions.

Summary Multiple vulnerabilities were addressed in IBM Business Automation Manager Open Editions 9.3.1. Vulnerability Details CVEID:CVE-2025-61748 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component:...

CVSS 8.2, AI score 8.1, EPSS 0.00112
Exploits: 1, Affected Software: 1

Atlassian
added 2025/12/09 11:5 p.m., 12 views

DoS (Denial of Service) software.amazon.ion:ion-java Dependency in Jira Software Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2024-21634 was introduced in 9.12.1 of Jira Software Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to take...

CVSS 7.5, AI score 7.8, EPSS 0.0033
Exploits: 0

RedhatCVE
added 2025/12/08 4:14 p.m., 1 view

CVE-2025-12183

A flaw was found in lz4-java. This vulnerability allows remote attackers to cause denial of service DoS and read adjacent memory via untrusted compressed input. This vulnerability affects only programs using the unsafe LZ4decompressfast API, known as the "fast" decompressor...

CVSS 8.8, AI score 6.1, EPSS 0.00103
Exploits: 0, References: 5

Tenable Nessus
added 2025/12/08 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-12183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted...

CVSS 8.8, AI score 7.2, EPSS 0.00103
Exploits: 0, References: 4

IBM Security Bulletins
added 2025/12/05 1:38 p.m., 2 views

Security Bulletin: IBM Storage Protect Server is vulnerable to remote compromise by unauthenticated attacker with network access via multiple protocols due to IBM SDK, Java (CVE-2025-50106, CVE-2025-30749, CVE-2025-30761, CVE-2025-30754)

Summary IBM SDK, Java is vulnerable to remote compromise by unauthenticated attacker with network access via multiple protocols IBM Storage Protect Server uses IBM SDK, Java and may be affected by this vulnerability. Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the...

CVSS 8.1, AI score 6.2, EPSS 0.02123
Exploits: 1, Affected Software: 1

EUVD
added 2025/11/28 3:52 p.m., 1 view

EUVD-2025-199880

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input...

CVSS 8.8, AI score 6.2, EPSS 0.00103
Exploits: 0, References: 3

IBM Security Bulletins
added 2025/11/26 12:5 p.m., 7 views

Security Bulletin: Vulnerability in IBM Java affects IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products

Summary A vulnerability in IBM® Runtime Environment Java™ Technology Edition affect the product's management GUI and could cause a confidentiality impact. The Command Line Interface is unaffected. CVE-2025-30754. Vulnerability Details CVEID:CVE-2025-30754 DESCRIPTION: Vulnerability in the Oracle...

CVSS 4.8, AI score 5.5, EPSS 0.00459
Exploits: 0, Affected Software: 8

IBM Security Bulletins
added 2025/11/26 10:32 a.m., 12 views

Security Bulletin: IBM Application Modernization Accelerator is affected by multiple vulnerabilities found in Java and Node.js

Summary There are multiple vulnerabilities in Java and Node.js used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiali...

CVSS 7.5, AI score 6.4, EPSS 0.00469
Exploits: 2, Affected Software: 1