CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9018 matches found

Microsoft CVE•added 2025/10/02 6:11 a.m.•1 views

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Com

...

5.9CVSS7AI score0.00329EPSS

Exploits0

Microsoft CVE•added 2025/10/02 6:11 a.m.•2 views

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web

...

3.7CVSS7AI score0.00264EPSS

Exploits0

IBM Security Bulletins•added 2025/10/01 8:13 p.m.•4 views

Security Bulletin: IBM Sterling Connect:Direct for Unix is vulnerable to several vulnerabilities due to IBM Java 17

Summary IBM Java 17 is used by IBM Sterling Connect:Direct for UNIX in product configuration and data transmission. IBM Sterling Connect:Direct for UNIX is impacted by vulnerabilities in IBM Java 17. IBM Sterling Connect:Direct for UNIX has upgraded IBM Java 17 to address the issues. Vulnerabilit...

8.6CVSS6.7AI score0.02123EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/10/01 3:26 p.m.•3 views

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to multiple issues due to IBM Runtime Environment Java Technology Edition Version 8

Summary There are vulnerabilities in IBM Runtime Environment Java Technology Edition Version 8 used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION:...

8.1CVSS6.2AI score0.02123EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/10/01 1:24 p.m.•4 views

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent

Summary Vulnerabilities in IBM SDK Java Technology Edition that is shipped as part of agent framework in ITCAM for Applications WebSphere MQ Monitoring Agent. CVEs: CVE-2025-50106, CVE-2025-30749. Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle...

8.1CVSS6.7AI score0.02123EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/09/30 4:56 p.m.•20 views

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.11.0 Vulnerability Details CVEID:CVE-2025-30749 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported...

8.1CVSS9.4AI score0.02123EPSS

Exploits2Affected Software1

Tenable Nessus•added 2025/09/26 12:0 a.m.•1 views

Tenable Patch Management Server < 9.3.969.1 (TNS-2025-19)

The version of Tenable Patch Management Server installed on the remote host is prior to 9.3.969.1. It is, therefore, affected by a vulnerability as referenced in the TNS-2025-19 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of...

4.8CVSS6.4AI score0.00459EPSS

Exploits0References3

IBM Security Bulletins•added 2025/09/23 4:37 p.m.•4 views

Security Bulletin: Multiple vulnerabilities affect CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition.

Summary Java Runtime Environments and IBM Semeru Runtimes are used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition have been updated in order to address the multip...

8.1CVSS6.4AI score0.02123EPSS

Exploits1Affected Software2

IBM Security Bulletins•added 2025/09/23 8:59 a.m.•8 views

Security Bulletin: Multiple Vulnerabilities in Java affecting IBM Knowledge Catalog and IBM Match 360 On Cloud Pak for Data

Summary Lineage, an internal component of IBM Knowledge Catalog, and the IBM Match 360 component within IBM Cloud Pak for Data are impacted by vulnerabilities in Java. These vulnerabilities have now addressed. Vulnerability Details CVEID:CVE-2025-50059 DESCRIPTION: Vulnerability in the Oracle Jav...

8.6CVSS7AI score0.02123EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/09/22 11:8 a.m.•8 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms

Summary Multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by IBM Tivoli System Automation for Multiplatforms. These issues were disclosed as part of the IBM Java SDK updates in July 2025 Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle...

8.1CVSS6.4AI score0.02123EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/09/12 7:33 a.m.•3 views

Security Bulletin: Multiple vulnerabilities disclosed in IBM Semeru Runtime affect IBM SPSS Collaboration and Deployment Services

Summary Multiple vulnerabilities disclosed in IBM Semeru Runtime affect IBM SPSS Collaboration and Deployment Services CVE-2025-50059, CVE-2025-50106, CVE-2025-30749, CVE-2025-30761, CVE-2025-30754. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-50059...

8.6CVSS6.6AI score0.02123EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/09/11 7:35 p.m.•6 views

Security Bulletin: Security Vulnerabilities in Java and Liberty affect IBM Voice Gateway

Summary Multiple vulnerabilities were addressed in IBM Voice Gateway. Vulnerability Details CVEID:CVE-2025-36124 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.8 could allow a remote attacker to bypass security restrictions caused by a failure to honor JMS messaging...

8.1CVSS6.8AI score0.02123EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/09/11 6:22 p.m.•5 views

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments

Summary IBM java SDK is used by Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D...

8.1CVSS6.5AI score0.02123EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/09/11 6:19 p.m.•6 views

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect VMware Agent from IBM Tivoli Monitoring for Virtual Environments.

Summary IBM java SDK is used by VMware Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Support...

8.1CVSS6.5AI score0.02123EPSS

Exploits1Affected Software1

Redos•added 2025/09/08 12:0 a.m.•2 views

ROS-20250908-05

A vulnerability in Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect input data validation in the 2D component of Oracle GraalVM. Oracle Java SE platform is related to incorrect input data validation in...

5.6CVSS6.1AI score0.00076EPSS

Exploits0

Redos•added 2025/09/08 12:0 a.m.•1 views

ROS-20250908-09

A vulnerability in the JSSE component of the Oracle Java SE software platform is related to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to modify, delete and read protected information using th...

4.8CVSS7.2AI score0.00459EPSS

Exploits0

Redos•added 2025/09/08 12:0 a.m.•4 views

ROS-20250908-04

5.6CVSS6.1AI score0.00076EPSS

Exploits0

Tenable Nessus•added 2025/09/05 12:0 a.m.•2 views

IBM MQ 9.1 < 9.1.0.31 LTS / 9.2 < 9.2.0.37 LTS / 9.3 < 9.3.0.31 LTS / 9.3 < 9.4.3.1 CD / 9.4 < 9.4.0.15 LTS / 9.4.3.1 (7243800)

The version of IBM MQ Server running on the remote host is affected by multiple vulnerabilities as referenced in the 7243800 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that...

8.1CVSS6.6AI score0.02123EPSS

Exploits1References5

Tenable Nessus•added 2025/09/02 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-50063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in Oracle Java SE component: Install. The supported version that is affected is Oracle Java SE: 8u451. Easily exploitable vulnerability allows low...

7.3CVSS6.7AI score0.00222EPSS

Exploits0References2

Tenable Nessus•added 2025/08/30 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2022-39399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are...

3.7CVSS6.3AI score0.00215EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by