Symlink Attack
Overview: Affected versions of this package are vulnerable to Symlink Attack via the findTempDir and copyAgent processes. An attacker can overwrite arbitrary files on the host system by controlling the TMPDIR environment variable in a Java process and leveraging symlink manipulation. This is only...
EUVD-2025-180270
Malicious code in async-eta-try-balance-java npm...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to several issues due to the Java package (CVE-2025-30749, CVE-2025-30754, CVE-2025-50059, CVE-2025-50106)
Summary: Java is used by DataStage on Cloud Pak for Data as part of overall processing functionality. Vulnerability Details: CVEID: CVE-2025-30749. DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D...
EUVD-2021-16096
Malware in sbrugna...
MAL-2025-23672 Malicious code in java-validate-monitor-link-private (npm)
The package java-validate-monitor-link-private was found to contain malicious code...
MAL-2025-23671 Malicious code in java-fork-byte-double-epsilon (npm)
The package java-fork-byte-double-epsilon was found to contain malicious code...
Oracle Linux 8 / 9 : java-1.8.0-openjdk (ELSA-2025-10862)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10862 advisory. 1:1.8.0.462.b08-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.462.b08-1 - Update to 8u462-b08 GA - Update release notes for 8u462-b08...
Fedora: Security Advisory (FEDORA-2025-27b8e92f04)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
SUSE: Security Advisory (SUSE-SU-2025:1429-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2025:0279-1)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2025-e81dbae527)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2025-dd11f92771)
The remote host is missing an update for the...
java-17-openj9-17.0.15.0-1.1 on GA media (moderate)
java-17-openj9-17.0.15.0-1.1 on GA media. Announcement ID: openSUSE-SU-2025:15078-1; Rating: moderate; Cross-References: CVE-2025-21587, CVE-2025-30698; CVSS scores: CVE-2025-21587 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N; CVE-2025-21587 (SUSE): 9.1...
OPENSUSE-SU-2025:15024-1 java-21-openjdk-21.0.7.0-1.1 on GA media
These are all security issues fixed in the java-21-openjdk-21.0.7.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15023-1 java-17-openjdk-17.0.15.0-1.1 on GA media
These are all security issues fixed in the java-17-openjdk-17.0.15.0-1.1 package on the GA media of openSUSE Tumbleweed...
openSUSE Security Advisory (SUSE-SU-2025:1029-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2025:1029-1)
The remote host is missing an update for the...
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
Summary: Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 3.7. Vulnerability Details: CVEID: CVE-2023-0044. DESCRIPTION: Quarkus could allow a remote attacker to obtain sensitive information, caused by a flaw when the Form Authentication session cookie Path attribute is se...
Linux Distros Unpatched Vulnerability : CVE-2023-43642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - snappy-java is a Java port of snappy, a fast C++ compressor/decompressor developed by Google. The SnappyInputStream was found to be vulnerable to Denial of...
Linux Distros Unpatched Vulnerability : CVE-2022-24839
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - org.cyberneko.html is an HTML parser written in Java. The fork of org.cyberneko.html used by the Nokogiri Rubygem raises a java.lang.OutOfMemoryError exception when...