844 matches found
EUVD-2024-52021
Malicious code in bioql PyPI...
EUVD-2024-3518
Malicious code in bioql PyPI...
Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent
Summary Vulnerabilities in IBM SDK Java Technology Edition that is shipped as part of agent framework in ITCAM for Applications WebSphere MQ Monitoring Agent. CVEs: CVE-2025-50106, CVE-2025-30749. Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle...
Security Bulletin: Multiple Vulnerabilities in Java affecting IBM Knowledge Catalog and IBM Match 360 On Cloud Pak for Data
Summary Lineage, an internal component of IBM Knowledge Catalog, and the IBM Match 360 component within IBM Cloud Pak for Data are impacted by vulnerabilities in Java. These vulnerabilities have now been addressed. Vulnerability Details CVEID:CVE-2025-50059 DESCRIPTION: Vulnerability in the Oracle Jav...
DEBIAN-CVE-2025-59432
SCRAM (Salted Challenge Response Authentication Mechanism) is part of the family of Simple Authentication and Security Layer (SASL, RFC 4422) authentication mechanisms. Prior to version 3.2, a timing attack vulnerability exists in the SCRAM Java implementation. The issue arises because Arrays.equals...
appscanstandard-integration:ibm-security-appscanstandard-scanner (>=1.0 <=2.8), au.com.versent.jenkins.plugins:ignore-committer-strategy (>=55.v51410e712e0c <=57.v0756db_b_f6926) +608 more potentially affected by CVE-2025-59475 via org.jenkins-ci.main:jenkins-core (>=2.0 <=2.516.2)
org.jenkins-ci.main:jenkins-core MAVEN version =2.0, =1.0, =55.v51410e712e0c, =4.1.0.506.v619d63bec9d8, =109.v2c51a117a7b4, =1.155.v3d884c1bdee1, =1.281.v331e3f5a05a9, =4050.v8ba69b587c39, =4050.v8ba69b587c39, =1.0.5, =2.0.0, =2.0, =1.0.2, =1.0.0, =1.43.0, =1.46.0.1 and more...
Security Bulletin: Multiple vulnerabilities in IBM SDK, Java technology affect IBM Tivoli Composite Application Manager for Transactions (Response Time)
Summary IBM SDK, Java Technology Edition is used by IBM Tivoli Composite Application Manager for Transactions Response Time CVE-2025-21587, CVE-2025-30698, CVE-2025-4447 Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL...
Linux Distros Unpatched Vulnerability : CVE-2016-4216
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in IBM SDK
Summary IBM Watson Discovery Cartridge contains a vulnerable version of IBM SDK Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high integrity impac...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.3.0.6)
The version of AOS installed on the remote host is prior to 7.3.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.3.0.6 advisory. - LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4write32 related to LZ4compressdestSize, affecting applications that...
CVE-2017-3544 vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-8-openj9...
CVE-2019-2786 vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-8-openj9...
CVE-2016-5554 vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-8-openj9...
Bouncy Castle security vulnerability
Bouncy Castle is a collection of APIs used in cryptography organized by Bouncy Castle. It includes APIs for the Java and C programming languages. A security vulnerability exists in Bouncy Castle for Java BC-FJA version 2.1.0, which originates from an out-of-bounds write and could lead to the...
Linux Distros Unpatched Vulnerability : CVE-2015-4916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different...
CVE-2019-2989 vulnerabilities
Vulnerabilities for packages: openjdk, openjdk-17-openj9, openjdk-11-openj9, openjdk-8-openj9, openjdk-21-openj9...
GHSA-4CX2-FC23-5WG6 Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All API modules allows Excessive Allocation. This vulnerability is associated with program files...
com.walterjwhite.java.examples:ssh (=0.0.17), com.walterjwhite.java.modules.linux-builder.modules.cli.providers:cdi (=0.0.17) +23 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-ext-jdk14 (>=1.51 <=1.72)
org.bouncycastle:bcprov-ext-jdk14 MAVEN version =1.51, =0.1.0, =0.1.0, =0.1.2 - io.github.qsy7.java.modules.linux-builder.modules.cli.providers:guice =0.1.0 and more Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789696...
CVE-2025-8916 Possible DoS in processing large name constraint structures in PKIXCertPathReviewer
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All API modules allows Excessiv...
ROS-20250813-08
A vulnerability in the Java dnsjava DNS implementation is related to incorrect response checking during processing of DNS queries. Exploitation of the vulnerability could allow a remote attacker to bypass the implemented security restrictions...