
844 matches found

Tenable Nessus
added 2025/03/04 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2013-0431

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote...

CVSS 5.3, AI score 6.9, EPSS 0.91543
Exploits 8, References 2

Tenable Nessus
added 2025/03/04 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2012-1713

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and...

CVSS 10, AI score 8.1, EPSS 0.0643
Exploits 0, References 2

Tenable Nessus
added 2025/03/04 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2014-6511

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D...

CVSS 5, AI score 6.8, EPSS 0.02618
Exploits 0, References 2

Tenable Nessus
added 2025/03/04 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2017-3511

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JCE. Supported versions that are affected are Java SE: 7u131 a...

CVSS 7.7, AI score 7.1, EPSS 0.01487
Exploits 2, References 2

Tenable Nessus
added 2025/03/04 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2020-14578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u261 and 8u251...

CVSS 4.3, AI score 5.9, EPSS 0.00158
Exploits 0, References 2

Atlassian
added 2025/02/11 11:25 p.m., 17 views

DoS (Denial of Service) com.google.protobuf:protobuf-java Dependency in Jira Software Data Center and Server

This High severity com.google.protobuf:protobuf-java Dependency vulnerability was introduced in versions 9.4.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, 9.11.0, 9.12.0, 9.13.0, 9.14.0, 9.15.0, 9.16.1, 9.17.0, 10.0.0, and 10.1.1 of Jira Software Data Center and Server. This...

CVSS 8.7, AI score 6.6, EPSS 0.00134
Exploits 0

IBM Security Bulletins
added 2025/02/07 10:27 a.m., 16 views

Security Bulletin: Vulnerability in snappy-java affects watsonx.data

Summary: snappy-java is vulnerable to denial of service attacks, which could affect watsonx.data. Vulnerability Details: CVEID: CVE-2023-34454. DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted...

CVSS 7.5, AI score 6.9, EPSS 0.00667
Exploits 0, Affected Software 1

RedhatCVE
added 2025/02/06 3:20 a.m., 6 views

CVE-2021-35619

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM...

CVSS 7.1, AI score 6.2, EPSS 0.01177
Exploits 0, References 1

OSV
added 2025/02/05 4:28 a.m., 0 views

USN-7255-1 openjdk-23 vulnerability

It was discovered that the Hotspot component of OpenJDK 23 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information...

CVSS 4.8, AI score 6.7, EPSS 0.002
Exploits 0, References 2

Amazon
added 2025/02/04 12:0 a.m., 15 views

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...

CVSS 4.8, AI score 5, EPSS 0.002
Exploits 0

Tenable Nessus
added 2025/02/04 12:0 a.m., 6 views

Amazon Linux 2 : java-17-amazon-corretto (ALAS-2025-2740)

The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.14+7-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2740 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracl...

CVSS 4.8, AI score 6.6, EPSS 0.002
Exploits 0, References 4

IBM Security Bulletins
added 2025/01/30 12:46 p.m., 10 views

Security Bulletin: Vulnerability in Bouncy Castle Crypto Package for Java affects watsonx.data

Summary The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service attack. This could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-30172 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by an infinite loop in the...

CVSS 7.5, AI score 7.4, EPSS 0.00094
Exploits 0, Affected Software 1

F5 Networks
added 2025/01/28 8:49 a.m., 25 views

K000149511: Oracle Java vulnerability CVE-2025-21502

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK:...

CVSS 4.8, AI score 5.3, EPSS 0.002
Exploits 0

IBM Security Bulletins
added 2025/01/24 7:14 p.m., 26 views

Security Bulletin: Vulnerabilities in JSON-java, Hutool and Jettison might affect IBM Storage Copy Data Management.

Summary: IBM Storage Copy Data Management can be affected by vulnerabilities in JSON-java, Hutool and Jettison. A remote attacker could exploit these vulnerabilities to cause a denial of service, as described by the CVEs in the "Vulnerability Details" section. Vulnerabilit...

CVSS 7.5, AI score 7.5, EPSS 0.01216
Exploits 7, Affected Software 1

Tenable Nessus
added 2025/01/21 12:0 a.m., 112 views

Azul Zulu Java Vulnerability (2025-01-21)

The version of Azul Zulu installed on the remote host is 11 prior to 11.77.14 / 17 prior to 17.55.14 / 21 prior to 21.39.14 / 23 prior to 23.32.12. It is, therefore, affected by a vulnerability as referenced in the 2025-01-21 advisory. Note that Nessus has not tested for this issue but has instea...

CVSS 4.8, AI score 6.6, EPSS 0.002
Exploits 0, References 2

F5 Networks
added 2025/01/10 7:10 a.m., 11 views

K000149248: Java vulnerability CVE-2024-21210

Security Advisory Description Vulnerability in Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

CVSS 3.7, AI score 5, EPSS 0.00144
Exploits 0

CVE
added 2025/01/08 11:0 p.m., 47 views

CVE-2024-13192

ZeroWdd myblog 1.0 contains a cross-site scripting vulnerability in the update function of BlogController.java. The issue allows remote exploitation and the exploit has been publicly disclosed; multiple connected sources validate the CVE-2024-13192 details. No official patch/version is stated in ...

CVSS 5.4, AI score 3.8, EPSS 0.00124
Exploits 1, References 5, Affected Software 1

CNNVD
added 2025/01/06 12:0 a.m., 2 views

studentmanager code injection vulnerability

studentmanager is a student management system by the individual developer ZeroWdd. A code injection vulnerability exists in studentmanager version 1.0, which stems from the parameter url of the file src/main/java/com/zero/system/controller/PermissionController.java that can lead to cross-site...

CVSS 5.4, AI score 4.2, EPSS 0.00113
Exploits 0, References 4

F5 Networks
added 2024/12/18 3:23 a.m., 14 views

K000149027: Java vulnerability CVE-2024-21208

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM fo...

CVSS 3.7, AI score 5, EPSS 0.00054
Exploits 0

NVD
added 2024/12/13 4:15 p.m., 10 views

CVE-2024-55887

Ucum-java is a FHIR Java library providing UCUM Services. In versions prior to 1.0.9, XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts...

CVSS 8.6, EPSS 0.00153
Exploits 0, References 1