926 matches found

EUVD
added 2025/10/03 8:07 p.m. · 6 views

EUVD-2022-2274

Malicious code in bioql PyPI...

5.3 CVSS · 7.3 AI score · 0.00772 EPSS
Exploits 0 · References 17

EUVD
added 2025/10/03 8:07 p.m. · 3 views

EUVD-2024-21976

Malicious code in bioql PyPI...

5.4 CVSS · 5.3 AI score · 0.00233 EPSS
Exploits 1 · References 3

EUVD
added 2025/10/03 8:07 p.m. · 4 views

EUVD-2022-3098

Malicious code in bioql PyPI...

5 CVSS · 6.3 AI score · 0.00532 EPSS
Exploits 0 · References 26

Redos
added 2025/09/08 12:00 a.m. · 3 views

ROS-20250908-10

A vulnerability in the JSSE component of the Oracle Java SE software platform is related to insufficient validation of input data. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to modify, delete and read protected information using th...

4.8 CVSS · 7.2 AI score · 0.00459 EPSS
Exploits 0

Redos
added 2025/09/08 12:00 a.m. · 2 views

ROS-20250908-07

A vulnerability in the JSSE component of the Oracle Java SE software platform is related to insufficient validation of input data. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to modify, delete and read protected information using th...

5.9 CVSS · 7.2 AI score · 0.00559 EPSS
Exploits 0

Tenable Nessus
added 2025/08/27 12:00 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-40690

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the secureValidation property is not passed...

7.5 CVSS · 6.5 AI score · 0.00278 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2025/08/25 12:00 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2015-1832

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows...

9.1 CVSS · 8.3 AI score · 0.00818 EPSS
Exploits 0 · References 2

OSV
added 2025/08/22 11:36 a.m. · 3 views

OESA-2025-2072 openjdk-1.8.0 security update

The OpenJDK runtime environment 8. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24;...

7.4 CVSS · 6.7 AI score · 0.00182 EPSS
Exploits 0 · References 4

Positive Technologies
added 2025/08/22 12:00 a.m. · 6 views

PT-2025-34333 · Unknown · Bouncy Castle For Java

Name of the Vulnerable Software and Affected Versions: Bouncy Castle for Java FIPS versions 2.1.0 through 2.1.0 Description: An uncontrolled resource consumption issue exists in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips, affecting all API modules. This issue allows for...

5.9 CVSS · 6 AI score · 0.00037 EPSS
Exploits 0 · References 7

Wolfi
added 2025/08/14 7:47 a.m. · 7 views

CVE-2019-2978 vulnerabilities

Vulnerabilities for packages: openjdk...

4.3 CVSS · 8.7 AI score · 0.00527 EPSS
Exploits 0

CNNVD
added 2025/08/14 12:00 a.m. · 3 views

litemall security vulnerability

litemall is a small mall system for linlinjava individual developers. A security vulnerability exists in litemall 1.8.0 and earlier versions, which stems from the incorrect manipulation of the parameter SECRET in the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.jav...

9.8 CVSS · 6.7 AI score · 0.00315 EPSS
Exploits 1 · References 6

Snyk
added 2025/08/12 9:40 a.m. · 3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...

6.3 CVSS · 7 AI score · 0.00121 EPSS
Exploits 0 · References 2

OSV
added 2025/08/01 10:22 a.m. · 3 views

CLSA-2025-1754043770 java-17-openjdk: Fix of 4 CVEs

Update to jdk-17.0.16+8 - CVE-2025-50106: fix 2D component vulnerability in Java SE allowing remote attackers to compromise the Java runtime via crafted input - CVE-2025-30749: fix 2D rendering vulnerability in Java SE that could lead to application crash or remote code execution -...

8.6 CVSS · 7.4 AI score · 0.02123 EPSS
Exploits 1 · References 1

OSV
added 2025/07/31 2:15 a.m. · 2 views

SUSE-SU-2025:02563-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.28+6 July 2025 CPU: Security fixes: - CVE-2025-30749: several scenarios can lead to heap corruption bsc1246595 - CVE-2025-30754: incomplete handshake may lead to weakening TLS protections bsc1246598 -...

8.6 CVSS · 7.9 AI score · 0.02123 EPSS
Exploits 1 · References 11

OSV
added 2025/07/29 2:30 p.m. · 5 views

CLSA-2025-1753799434 java-1.8.0-openjdk: Fix of 19 CVEs

Security fixes from OpenJDK 8u452-b09: - CVE-2025-21587: JSSE issue allowing remote access or modification of sensitive data - CVE-2025-30698: allows limited data access and partial DoS via untrusted Java code - CVE-2025-30691: allows limited data access via untrusted code using compiler APIs -...

7.4 CVSS · 6.9 AI score · 0.00977 EPSS
Exploits 0 · References 1

Debian
added 2025/07/22 1:10 a.m. · 99 views

[SECURITY] [DLA 4246-1] libowasp-esapi-java security update

Debian LTS Advisory DLA-4246-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany July 22, 2025 https://wiki.debian.org/LTS Package : libowasp-esapi-java Version : 2.4.0.0-0+deb11u1 CVE ID : CVE-2022-23457 CVE-2022-24891 CVE-2025-5878 Debian Bug : 1010339 1109378...

9.8 CVSS · 6.7 AI score · 0.01032 EPSS
Exploits 3

RedHat Linux
added 2025/07/21 9:09 a.m. · 3 views

openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0....

4.8 CVSS · 7.2 AI score · 0.00459 EPSS
Exploits 0 · References 5

RedHat Linux
added 2025/07/16 2:32 p.m. · 8 views

Important: Red Hat Security Advisory: java-21-openjdk security update

An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9.4 Extended Update Support, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

8.6 CVSS · 6.9 AI score · 0.02123 EPSS
Exploits 1 · References 1

NVD
added 2025/07/15 8:15 p.m. · 3 views

CVE-2025-30754

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0....

4.8 CVSS · 0.00459 EPSS
Exploits 0 · References 3

Tenable Nessus
added 2025/07/15 12:00 a.m. · 96 views

Azul Zulu Java Multiple Vulnerabilities (2025-07-15)

The version of Azul Zulu installed on the remote host is 7 prior to 7.79.0.12 / 8 prior to 8.87.0.14 / 11 prior to 11.81.14 / 17 prior to 17.59.16 / 21 prior to 21.43.16 / 24 prior to 24.32.14. It is, therefore, affected by multiple vulnerabilities as referenced in the 2025-07-15 advisory. -...

8.6 CVSS · 6.5 AI score · 0.02123 EPSS
Exploits 3 · References 8