Lucene search
K

56310 matches found

OSV
OSV
added 2026/01/22 10:16 a.m.4 views

UBUNTU-CVE-2026-1225

ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...

1.8CVSS5.8AI score0.00159EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/22 10:16 a.m.6 views

CVE-2026-1225

ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...

1.8CVSS5.9AI score0.00159EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/01/22 9:24 a.m.5 views

openjdk: Enhance Certificate Checking (Oracle CPU 2026-01)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 an...

7.5CVSS5.9AI score0.00864EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/22 9:24 a.m.4 views

openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17...

6.1CVSS5.8AI score0.00261EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/01/22 9:24 a.m.6 views

openjdk: Improve JMX connections (Oracle CPU 2026-01)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and...

4.8CVSS5.8AI score0.00212EPSS
Exploits0References5
CVE
CVE
added 2026/01/22 9:24 a.m.369 views

CVE-2026-1225

CVE-2026-1225 affects logback-core (up to and including 1.5.24) used in Java applications. The issue enables an attacker to instantiate arbitrary classes present on the user’s class path by compromising an existing logback configuration file. Exploitation requires the attacker to have write acces...

1.8CVSS5.5AI score0.00159EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 9:24 a.m.5 views

CVE-2026-1225

ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...

1.8CVSS5.3AI score0.00159EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: python-tensorboard (CVE-2022-3171)

The version of python-tensorboard installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3171 advisory. - A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3,...

7.5CVSS5.6AI score0.01048EPSS
Exploits0References2
Spring Security Advisories
Spring Security Advisories
added 2026/01/22 12:0 a.m.8 views

A Bootiful Podcast: Jetbrains legend Dmitry Jemerov

Hi, Spring and IntelliJ IDEA fans! This week we celebrate 25 years of Jetbrains IntelliJ IDEA, and who better to talk to us about its evolution than Dmitry Jemerov, whose been a contributor and developer for the project since 2003!...

5.4AI score
Exploits0
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.5 views

Seroval security vulnerabilities

Seroval is a formatted Java library developed by Alexis H. Munsayac. Versions of Seroval 1.4.0 and earlier contain security vulnerabilities. These vulnerabilities arise from the possibility of exhausting memory or causing denial-of-service attacks when custom RegEx patterns are deserialized...

7.5CVSS5.8AI score0.00481EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2026/01/22 12:0 a.m.19 views

java-17-openjdk security update

1:17.0.18.0.8-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.18.0.8-1 - Update to jdk-17.0.18+8 GA - Add to .gitignore openjdk-17.0.18+8.tar.xz - Sync java-17-openjdk-portable.specfile from openjdk-portable-rhel-8 - Set buildver to 8 - Set isga to 1 - Update sources to...

7.5CVSS5.5AI score0.00864EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.9 views

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2026-0927)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0927 advisory. 1:17.0.18.0.8-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.18.0.8-1 - Update to jdk-17.0.18+8 GA - Add to .gitignore...

7.5CVSS6AI score0.00864EPSS
Exploits6References6
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.8 views

RHEL 10 / 8 / 9 : java-21-openjdk (RHSA-2026:0928)

The remote Redhat Enterprise Linux 10 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0928 advisory. The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security...

7.5CVSS6.6AI score0.00864EPSS
Exploits6References7
GitLab Advisory Database
GitLab Advisory Database
added 2026/01/22 12:0 a.m.7 views

Logback allows an attacker to instantiate classes already present on the class path

ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...

1.8CVSS5.6AI score0.00159EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: python-tensorboard (CVE-2022-3509)

The version of python-tensorboard installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3509 advisory. - A parsing issue similar to CVE-2022-3171, but with textformat in protobuf-java core and lite...

7.5CVSS5.7AI score0.01048EPSS
Exploits0References2
OSV
OSV
added 2026/01/22 12:0 a.m.9 views

ALSA-2026:0928 Important: java-21-openjdk security update

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpng:...

7.5CVSS5.8AI score0.00864EPSS
Exploits6References9
OSV
OSV
added 2026/01/22 12:0 a.m.12 views

ALSA-2026:0927 Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpn...

7.5CVSS5.8AI score0.00864EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.11 views

RHEL 8 / 9 : java-17-openjdk (RHSA-2026:0927)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0927 advisory. The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security...

7.5CVSS6.6AI score0.00864EPSS
Exploits6References7
AlmaLinux
AlmaLinux
added 2026/01/22 12:0 a.m.9 views

Important: java-21-openjdk security update

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpng:...

7.5CVSS5.8AI score0.00864EPSS
Exploits6References7
AlmaLinux
AlmaLinux
added 2026/01/22 12:0 a.m.16 views

Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpn...

7.5CVSS5.8AI score0.00864EPSS
Exploits6References7
Rows per page
Query Builder