944 matches found
Important: java-1.8.0-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK:...
Important: java-1.8.0-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK:...
Amazon Linux 2 : cri-tools, --advisory ALAS2-2026-3135 (ALAS-2026-3135)
The version of cri-tools installed on the remote host is prior to 1.32.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3135 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary Z...
Amazon Linux 2 : golang-github-cpuguy83-go-md2man, --advisory ALAS2-2026-3137 (ALAS-2026-3137)
The version of golang-github-cpuguy83-go-md2man installed on the remote host is prior to 1.0.4-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3137 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service wh...
Important: java-25-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK:...
Medium: nerdctl
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...
Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: Security fixes: - CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034 - CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036 - CVE-2026-21933: Fixed Oracle Java SE component Networking bsc1257037 -...
Ubuntu: Security Advisory (USN-7997-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : OpenJDK 17 vulnerabilities (USN-7998-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7998-1 advisory. It was discovered that the RMI component of OpenJDK 17 would establish RMI TCP endpoint connections to a remo...
CLSA-2026-1770116781 java-1.8.0-openjdk: Fix of 5 CVEs
CVE-2026-21945: security component vulnerability allowing unauthenticated attackers with network access to cause denial of service - CVE-2026-21933: networking component vulnerability allowing unauthenticated attackers with network access to compromise confidentiality and integrity -...
USN-7998-1 openjdk-17 vulnerabilities
It was discovered that the RMI component of OpenJDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
USN-7998-1: OpenJDK 17 vulnerabilities
It was discovered that the RMI component of OpenJDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
Ubuntu: Security Advisory (USN-8003-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-8003-1: CRaC JDK 21 vulnerabilities
It was discovered that the RMI component of CRaC JDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
USN-8003-1 openjdk-21-crac vulnerabilities
It was discovered that the RMI component of CRaC JDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
USN-8002-1 openjdk-21 vulnerabilities
It was discovered that the RMI component of OpenJDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
USN-8002-1: OpenJDK 21 vulnerabilities
It was discovered that the RMI component of OpenJDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
USN-8000-1: OpenJDK 8 vulnerabilities
It was discovered that the RMI component of OpenJDK 8 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
openjdk: Improve JMX connections (Oracle CPU 2026-01)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and...
USN-7997-1: CRaC JDK 17 vulnerabilities
It was discovered that the RMI component of CRaC JDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...