CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7.1AI score0.87555EPSS

Exploits3References22

Tenable Nessus•added 2024/07/31 12:0 a.m.•27 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-17-openjdk (SUSE-SU-2024:2628-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2628-1 advisory. Updated to version 17.0.12+7 July 2024 CPU: - CVE-2024-21131: Fixed a potential UTF8 size overfl...

7.4CVSS6.7AI score0.00977EPSS

Exploits0References17

Tenable Nessus•added 2024/07/23 12:0 a.m.•133 views

Amazon Linux 2 : java-17-amazon-corretto (ALAS-2024-2600)

The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.12+7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2600 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...

7.4CVSS6.6AI score0.00977EPSS

Exploits0References12

OSV•added 2024/07/18 12:0 a.m.•17 views

OPENSUSE-SU-2024:14202-1 java-17-openjdk-17.0.12.0-1.1 on GA media

These are all security issues fixed in the java-17-openjdk-17.0.12.0-1.1 package on the GA media of openSUSE Tumbleweed...

7.4CVSS6.8AI score0.00977EPSS

Exploits0References5

Tenable Nessus•added 2024/07/18 12:0 a.m.•29 views

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2024-4568)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4568 advisory. 1:17.0.12.0.7-2.0.1 - Add Oracle vendor bug URL 1:17.0.12.0.7-2 - Update to jdk-17.0.12+7 GA - Update .gitignore to ignore openjdk-17.0.12+7.tar.xz...

7.4CVSS6.7AI score0.00977EPSS

Exploits0References6

Tenable Nessus•added 2024/07/17 12:0 a.m.•22 views

RHEL 8 / 9 : java-17-openjdk (RHSA-2024:4568)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4568 advisory. The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security...

7.4CVSS6.8AI score0.00977EPSS

Exploits0References12

Veracode•added 2024/07/10 8:12 a.m.•18 views

Denial Of Service (DoS)

Undertow is vulnerable to Denial Of Service DoS. The vulnerability is due to Undertow's failure to send the expected termination sequence 0\r\n for chunked responses after flushing the response body. The vulnerability allows an attacker to exploit the incomplete handling of chunked responses in...

7.5CVSS6.6AI score0.03699EPSS

Exploits0References12Affected Software1

Github Security Blog•added 2024/07/08 9:31 p.m.•58 views

Undertow Denial of Service vulnerability

A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r\n termination of the chunked response. This results in uncontrolled resource...

7.5CVSS6.8AI score0.03699EPSS

Exploits0References16Affected Software1

OSV•added 2024/07/08 9:31 p.m.•15 views

GHSA-XPP6-8R3J-WW43 Undertow Denial of Service vulnerability

8.7CVSS7.2AI score0.03699EPSS

Exploits0References16