87 matches found

Amazon
added 2024/10/31 12:0 a.m., 3 views

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...

CVSS: 4.8, AI score: 4.8, EPSS: 0.01157
Exploits: 0

Amazon
added 2024/10/31 12:0 a.m., 13 views

Medium: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...

CVSS: 4.8, AI score: 4.8, EPSS: 0.01157
Exploits: 0

Redos
added 2024/08/02 12:0 a.m., 11 views

ROS-20240801-04

A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service. A vulnerability in the CORBA...

CVSS: 5.3, AI score: 5.3, EPSS: 0.014
Exploits: 0

Redos
added 2024/07/30 12:0 a.m., 11 views

ROS-20240730-16

A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM Virtual Machines for JDK and Oracle GraalVM Enterprise Edition exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to impact the...

CVSS: 7.4, AI score: 7.4, EPSS: 0.01026
Exploits: 0

Tenable Nessus
added 2024/07/23 12:0 a.m., 135 views

Amazon Linux 2 : java-17-amazon-corretto (ALAS-2024-2600)

The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.12+7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2600 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...

CVSS: 7.4, AI score: 6.6, EPSS: 0.01257
Exploits: 0, References: 12

Redos
added 2024/05/29 12:0 a.m., 12 views

ROS-20240529-04

A vulnerability in the ImageIO component of the Oracle Java SE software platform and the Oracle GraalVM Virtual Machine Enterprise Edition is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a partial denial of service. Vulnerability i...

CVSS: 7.5, AI score: 7.6, EPSS: 0.46677
Exploits: 6

Redos
added 2024/05/24 12:0 a.m., 18 views

ROS-20240424-03

A vulnerability in the Serialization component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to the recovery of invalid data in memory. Exploitation of the vulnerability could allow a remote attacker to cause a denial of...

CVSS: 5.3, AI score: 7.6, EPSS: 0.08346
Exploits: 0

Redos
added 2024/05/21 12:0 a.m., 10 views

ROS-20240521-09

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

CVSS: 7.4, AI score: 7.4, EPSS: 0.02474
Exploits: 1

Amazon
added 2024/05/03 12:0 a.m., 5 views

Low: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10,...

CVSS: 3.7, AI score: 6, EPSS: 0.01361
Exploits: 0

Amazon
added 2024/05/03 12:0 a.m., 9 views

Low: java-22-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10,...

CVSS: 3.7, AI score: 6, EPSS: 0.01361
Exploits: 0

Amazon
added 2024/01/09 12:0 a.m., 4 views

Medium: java-1.8.0-openjdk

Issue Overview: Vulnerability in Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381 and 8u381-perf. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE. Successful attacks of this...

CVSS: 5.3, AI score: 5.8, EPSS: 0.014
Exploits: 0

SUSE CVE
added 2023/02/15 5:32 a.m., 5 views

SUSE CVE-2014-0368

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims...

CVSS: 5, AI score: 6.3, EPSS: 0.03807
Exploits: 0, References: 10

IBM Security Bulletins
added 2022/06/14 3:48 p.m., 75 views

Security Bulletin: Netcool Operations Insight v1.6.4 contains fixes for multiple security vulnerabilities.

Summary Netcool Operations Insight v1.6.4 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID: CVE-2021-23450 DESCRIPTION: Dojo could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the...

CVSS: 9.8, AI score: 8.1, EPSS: 0.30367
Exploits: 2, Affected Software: 1

RedHat Linux
added 2022/03/21 7:36 a.m., 2 views

OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...

CVSS: 4.3, AI score: 7.4, EPSS: 0.04104
Exploits: 0, References: 4

NCSC
added 2021/10/20 12:0 a.m., 6 views

Vulnerabilities fixed in Oracle Java SE and GraalVM

Oracle has fixed vulnerabilities in Java SE and GraalVM Enterprise Edition. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Circumvention of security measure. Denial-of-Service DoS. Remote code execution User Rights Acces...

CVSS: 8.6, AI score: 9.3, EPSS: 0.32362
Exploits: 6

IBM Security Bulletins
added 2021/09/28 8:11 a.m., 51 views

Security Bulletin: IBM Kenexa LMS On Premise -IBM SDK, Java Technology Edition Quarterly CPU - Jul 2021 - Includes Oracle Jul 2021 CPU (minus CVE-2021-2341)

Summary We have identified that the IBM Kenexa LMS On Premise is affected by one or more security vulnerabilities. These have been addressed in LMS 6.1.0 version. Vulnerability Details CVEID: CVE-2021-2388 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allo...

CVSS: 7.5, AI score: 1.1, EPSS: 0.04238
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2021/02/22 7:19 a.m., 23 views

Security Bulletin: IBM Kenexa LMS On Premise -IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020 - Includes Oracle Oct 2020 CPU

Summary We have identified that the IBM Kenexa LMS On Premise is affected by one or more security vulnerabilities. These have been addressed in LMS 6.1.0 version. Vulnerability Details CVEID: CVE-2020-14779 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization componen...

CVSS: 5.8, AI score: 1.2, EPSS: 0.03713
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2020/10/14 9:6 p.m., 31 views

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Operational Decision Manager (July 2020 CPU)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and 8 that is used by IBM Operational Decision Manager ODM. These issues were disclosed as part of the IBM Java SDK updates in July 2020 and those deferred from January 2020. Vulnerability Details CVEID:...

CVSS: 8.3, AI score: 0.8, EPSS: 0.04315
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2020/10/08 12:56 p.m., 48 views

Security Bulletin: IBM Kenexa LCMS Premier On Premise - IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability

Summary We have identified that the IBM Kenexa LCMS Premier is affected by one or more security vulnerabilities. These have been addressed in LCMS Premier 14.0 version. Vulnerability Details CVEID: CVE-2020-14583 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries...

CVSS: 8.3, AI score: 0.9, EPSS: 0.04315
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2020/06/17 11:16 a.m., 36 views

Security Bulletin: IBM Kenexa LCMS Premier On Premise - IBM SDK, Java Technology Edition Quarterly CPU - Apr 2020 - Includes Oracle Apr 2020 CPU

Summary We have identified that the IBM Kenexa LCMS Premier is affected by one or more security vulnerabilities. These have been addressed in LCMS Premier 14.0 version. Vulnerability Details CVEID: CVE-2020-2805 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Libraries...

CVSS: 8.3, AI score: 1.5, EPSS: 0.0623
Exploits: 0, Affected Software: 1