11988 matches found
MGASA-2025-0042 Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerability
A difficult to exploit vulnerability allows unauthenticated attackers with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can b...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.10.1)
The version of AOS installed on the remote host is prior to 6.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.10.1 advisory. - An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize ...
openjdk: Enhance array handling (Oracle CPU 2025-01)
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can be...
The vulnerabilities of the components of the Oracle Java SE software platform, including Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition, allow attackers to gain unauthorized access to protected information and to modify, add, or delete data.
The vulnerabilities of the Oracle Java SE software platform’s components, as well as the Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines, are related to deficiencies in the authentication mechanism. Exploiting these vulnerabilities can allow an attacker to gain...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to Java SDK (CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597)
Summary IBM B2B Advanced Communications has addressed vulnerabilities in Java SDK shipped with product. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an...
Medium: java-17-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...
Medium: java-21-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...
Medium: java-23-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...
Medium: java-21-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...
Medium: java-23-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...
Amazon Linux 2023 : java-21-amazon-corretto, java-21-amazon-corretto-devel, java-21-amazon-corretto-headless (ALAS2023-2025-827)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-827 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE:...
Medium: java-17-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...
Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2025-826)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-826 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE:...
Amazon Linux 2023 : java-23-amazon-corretto, java-23-amazon-corretto-devel, java-23-amazon-corretto-headless (ALAS2023-2025-825)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-825 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE:...
Medium: java-11-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...
Security Bulletin: IBM Sterling Control Center v6.2.1 and v6.3.1 is vulnerable with IBM Semeru Runtime Quarterly CPU - Apr 2023
Summary IBM Semeru Runtime Quarterly CPU - Apr 2023 - Includes OpenJDK April 2023 CPU plus CVE-2023-25193 and CVE-2023-2597 and affecting Sterling Control Center v6.2.1 and v6.3.1. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle Graal...
Medium: java-11-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...
Medium: java-17-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...
Medium: java-17-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...
Medium: java-11-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...