56312 matches found
CVE-2026-21925
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and...
security-antipatterns-java
Security Anti-Patterns for Java AI coding agents write insecu...
org.webjars.npm:canvas (>=2.5.0 <=2.6.0), org.webjars.npm:color-thief (=2.2.5) +12 more potentially affected by CVE-2026-23950 via org.webjars.npm:tar (>=0.1.20 <=4.4.19)
org.webjars.npm:tar MAVEN version =0.1.20, =2.5.0, =0.97.5, =0.2.0, =3.4.0, =0.6.19, =2.0.0, =3.1.4, =3.4.1 - org.webjars.npm:tar.gz =1.0.7 Source cves: CVE-2026-23950 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15038582...
PT-2026-3707
Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite versions 12.2.3 through 12.2.15 Description A security issue exists within the Java utils component of the Oracle Applications DBA product. A high-privileged attacker with network access via HTTP can compromise the...
Oracle Java SE security vulnerabilities
Oracle Java SE is a product developed by Oracle Corporation in the United States. It is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. There are security vulnerabilities in Oracle Java SE, Oracle GraalVM for JDK, and Oracle...
Oracle Java SE security vulnerabilities
Oracle Java SE is a product developed by Oracle Corporation in the United States. It is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. There are security vulnerabilities in Oracle Java SE, Oracle GraalVM for JDK, and Oracle...
Oracle Java SE security vulnerabilities
Oracle Java SE is a product developed by Oracle Corporation in the United States. It is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. There are security vulnerabilities in Oracle Java SE, Oracle GraalVM for JDK, and Oracle...
Oracle Java SE security vulnerabilities
Oracle Java SE is a product developed by Oracle Corporation in the United States. It is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. There are security vulnerabilities in Oracle Java SE, Oracle GraalVM for JDK, and Oracle...
KLA90849 Multiple vulnerabilities in Oracle Java
Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability can be exploited to cause deni...
PT-2026-3695
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1 Oracle GraalVM for JDK versions 17.0.17 and 21.0.9 Oracle GraalVM Enterprise Edition version 21.3.16 Description An easily exploitable issue exists in Oracl...
PT-2026-3675
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u471, 8u471-b50, 8u471-perf Oracle Java SE version 11.0.29 Oracle Java SE version 17.0.17 Oracle Java SE version 21.0.9 Oracle Java SE version 25.0.1 Oracle GraalVM for JDK versions 17.0.17 and 21.0.9 Oracle GraalVM...
MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.262.b10-0.0.1.AXS4 (AXSA:2020-224:13)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-224:13 advisory. OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access Libraries, 8238920 CVE-2020-14583 OpenJDK: Incomplete bounds checks in Affine...
PT-2026-3722
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.29 and 21.3-21.20. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with network access via Oracle Net to compromise Java VM...
PT-2026-3697
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u471-b50 Description A difficult-to-exploit issue exists in Oracle Java SE JavaFX component that allows an unauthenticated attacker with network access, via multiple protocols, to compromise the software. Successful...
Oracle Database Server security vulnerabilities
Oracle Database Server is a relational database management system developed by Oracle Corporation in the United States. This database management system provides features such as data management and distributed processing. There were security vulnerabilities in the Java VM versions of Oracle...
Oracle Java SE security vulnerabilities
Oracle Java SE is a product developed by Oracle Corporation in the United States. It is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. Version Oracle Java SE 8u471-b50 contains a security vulnerability. This vulnerability...
PT-2026-3683
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1 Oracle GraalVM for JDK versions 17.0.17 and 21.0.9 Oracle GraalVM Enterprise Edition version 21.3.16 Description A flaw exists in the Networking component o...
PT-2026-3682
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1 Oracle GraalVM for JDK versions 17.0.17 and 21.0.9 Oracle GraalVM Enterprise Edition version 21.3.16 Description An easily exploitable issue exists in Oracl...
MiracleLinux 8 : java-11-openjdk-11.0.23.0.9-3.el8 (AXSA:2024-7715:09)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7715:09 advisory. OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122...
MiracleLinux 9 : java-11-openjdk-11.0.20.0.8-2.el9.ML.1 (AXSA:2023-6266:17)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6266:17 advisory. OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper...