56312 matches found
RLSA-2026:0752 Important: jmc security update
JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis of the extensive data collected by JDK Flight Recorder. The tool chain enables developers and administrators to collect and analyze data from Java applications...
jmc security update
An update is available for jmc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced s...
EUVD-2026-3562
Vulnerability in Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u471-b50. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks require human...
EUVD-2026-3552
Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite component: Java utils. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications DBA...
EUVD-2026-3537
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.29 and 21.3-21.20. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with network access via Oracle Net to compromise Java VM...
EUVD-2026-3564
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 an...
EUVD-2026-3584
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and...
EUVD-2026-3577
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: AWT, JavaFX. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17...
EUVD-2026-3576
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17...
OSV-2026-94 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.statement
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476574781 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.statement java.base/jdk.internal.misc.Unsafe.weakCompareAndSetInt...
RockyLinux 9 : jmc (RLSA-2026:0752)
The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2026:0752 advisory. lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing CVE-2025-66566 Tenable has extracted the preceding description block directly...
Amazon Corretto Java 17.x < 17.0.18.8.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is 17 prior to 17.0.18.8.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2026-Jan-20 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Azul Zulu Java Multiple Vulnerabilities (2026-01-20)
The version of Azul Zulu installed on the remote host is 6 prior to 6.77.0.12 / 7 prior to 7.83.0.12 / 8 prior to 8.91.0.12 / 11 prior to 11.85.12 / 17 prior to 17.63.12 / 21 prior to 21.47.14 / 25 prior to 25.31.14. It is, therefore, affected by multiple vulnerabilities as referenced in the...
MiracleLinux 9 : jmc-8.2.0-18.el9_7.2 (AXSA:2026-058:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-058:01 advisory. lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing CVE-2025-66566 Tenable has extracted the preceding description block direct...
AlmaLinux 9 : jmc (ALSA-2026:0752)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:0752 advisory. lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing CVE-2025-66566 Tenable has extracted the preceding description block directly fr...
Amazon Corretto Java 8.x < 8.482.08.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is 8 prior to 8.482.08.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2026-Jan-20 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ...
Oracle Java SE Multiple Vulnerabilities (January 2026 CPU)
The version of Java installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in Oracle Java SE component: JavaFX libxslt. Supported versions that are affected are Oracle Java SE: 8u471-b50. Difficult to exploit...
CVE-2026-21975
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.29 and 21.3-21.20. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with network access via Oracle Net to compromise Java VM...
CVE-2026-21975
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.29 and 21.3-21.20. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with network access via Oracle Net to compromise Java VM...
CVE-2026-21960
Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite component: Java utils. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications DBA...