PT-2026-38854

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: Compiler. The supported version that is affected is Oracle Java SE: 24.0.1; Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

BIT-JAVA-2025-30752

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: Compiler. The supported version that is affected is Oracle Java SE: 24.0.1; Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

PT-2026-38040

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: Compiler. The supported version that is affected is Oracle Java SE: 24.0.1; Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

Security Bulletin: Multiple security vulnerabilities are addressed in IBM Business Automation Workflow Containers fixes December 2025

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Business Automation Workflow Containers 24.0.1-IF006 and 25.0.0-IF003. Vulnerability Details CVEID:CVE-2025-36058 DESCRIPTION: IBM Cloud Pak for Business Automatio...

CVE-2025-66033

Okta Java Management SDK facilitates interactions with the Okta management API. In versions 21.0.0 through 24.0.0, specific multithreaded implementations may encounter memory issues as threads are not properly cleaned up after requests are completed. Over time, this can degrade performance and...

CVE-2025-66033 Improper Memory Cleanup in the Okta Java SDK

Okta Java Management SDK facilitates interactions with the Okta management API. In versions 21.0.0 through 24.0.0, specific multithreaded implementations may encounter memory issues as threads are not properly cleaned up after requests are completed. Over time, this can degrade performance and...

EUVD-2025-37500

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause a denial of service due to the improper validation of input length...

CVE-2025-36091 IBM Business Automation Insights unverified ownership

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment...

PT-2025-44769

Name of the Vulnerable Software and Affected Versions IBM Cloud Pak For Business Automation versions 25.0.0, 24.0.1, and 24.0.0 Description IBM Cloud Pak For Business Automation may allow an authenticated user to cause a denial of service. This is due to improper validation of input length...

PT-2025-44780

Name of the Vulnerable Software and Affected Versions IBM Cloud Pak For Business Automation versions 25.0.0, 24.0.1, and 24.0.0 Description IBM Cloud Pak For Business Automation may allow an attacker to access unauthorized content or perform unauthorized actions through man-in-the-middle techniqu...

PT-2025-32362 · Ibm · Ibm Cloud Pak For Business Automation

Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak for Business Automation versions 24.0.0 through 24.0.0 IF005 IBM Cloud Pak for Business Automation versions 24.0.1 through 24.0.1 IF002 Description: The software contains a flaw that may allow an authenticated user to view...

CVE-2025-30752

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: Compiler. The supported version that is affected is Oracle Java SE: 24.0.1; Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

UBUNTU-CVE-2025-30752

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: Compiler. The supported version that is affected is Oracle Java SE: 24.0.1; Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

PT-2025-29620 · Oracle · Oracle Graalvm For Jdk +1

Name of the Vulnerable Software and Affected Versions: Oracle GraalVM for JDK version 24.0.1 Description: A difficult-to-exploit issue exists in the Oracle GraalVM for JDK product of Oracle Java SE component: Native Image. An unauthenticated attacker with network access via HTTP can compromise...

IBM Business Automation Workflow 访问控制错误漏洞

IBM Business Automation Workflow is a suite of workflow automation solutions from International Business Machines IBM. The product is primarily used for workflow management, compliance management, and features workflow visibility and scalability. An access control error vulnerability exists in IB...

IBM Business Automation Workflow 跨站脚本漏洞

IBM Business Automation Workflow is a suite of workflow automation solutions from International Business Machines IBM. The product is primarily used for workflow management, compliance management, and features workflow visibility and scalability. A cross-site scripting vulnerability exists in IBM...

CVE-2019-25220

Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service daemon crash via a flood of low-difficulty header chains aka a "Chain Width Expansion" attack because a node does not first verify that a presented chain has enough work before committing to store it...