CVE-2025-8885

CVE-2025-8885 is described across connected IBM/Nessus entries as an Allocation of Resources Without Limits or Throttling vulnerability affecting Bouncy Castle Java BC prov/BC-FJA and related API modules. Affected BC Java versions are 1.0–1.77; BC-FJA 1.0.0–1.0.2.5 and 2.0.0–2.0.1. The exploit in...

OESA-2024-1223 shim security update

Initial UEFI bootloader that handles chaining to a trusted full \ bootloader under secure boot environments. Security Fixes: Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate...

The vulnerability of the identifier processing function in Zyxel ATP network devices, such as USG FLEX, USG FLEX50(W), USG20(W)-VPN, VPN, ZyWALL/USG, arises from copying buffers without checking the size of the input data. This allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of the identifier processing function in Zyxel ATP, USG FLEX, USG FLEX50W, USG20W-VPN, VPN, ZyWALL/USG network devices lies in the copying of buffers without checking the size of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause...

The vulnerability of the IBM Rational Asset Manager (RAM) system, related to deficiencies in access control, allows a hacker to bypass security restrictions.

The vulnerability of the IBM Rational Asset Manager RAM system relates to deficiencies in access control when processing UID parameters. Exploiting this vulnerability could allow a malicious actor to circumvent security restrictions remotely...

OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)

Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...

SUSE-SU-2020:0628-1 Security update for java-1_7_0-openjdk

This update for java-170-openjdk fixes the following issues: Update java-170-openjdk to version jdk7u251 January 2020 CPU, bsc1160968: - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2020-2590: Improve Kerberos interop capabilities - CVE-2020-2593: Normalize normalization for all -...

OPENSUSE-SU-2020:0147-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Update java-180-openjdk to version jdk8u242 icedtea 3.15.0 January 2020 CPU, bsc1160968: - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2020-2590: Improve Kerberos interop capabilities - CVE-2020-2593: Normalize normalization for a...