463 matches found
Security Bulletin: IBM Security SOAR is using components with multiple known vulnerabilities.
Summary IBM Security SOAR uses an older version of Java that may be identified and exploited. An update has been released which addresses these issues. CVE-2025-21587, CVE-2025-30698, CVE-2025-4447 Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE...
Exploit for CVE-2018-3149
log4j2-exploits https://user-images.githubusercontent.com/37479424/145661983-131eb84a-9ac5-4014-9f6b-10b69d8d7cf4.mp4 This fundamental vulnerability was reported by CVE-2018-3149 and patched by this article. 8u121 Release Notes However, the logging library for java called log4j2 had JNDILookup,...
Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2025-10861)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10861 advisory. 1:1.8.0.462.b08-1.0.1 - Update to 8u462-b08 GA Orabug: 38248370 - Update release notes for 8u462-b08. - Require tzdata 2025b due to upstream inclusion...
SUSE-SU-2025:02545-1 Security update for java-1_8_0-openj9
This update for java-180-openj9 fixes the following issues: Update to OpenJDK 8u462 build 08 with OpenJ9 0.53.0 virtual machine: - CVE-2025-30749: several scenarios can lead to heap corruption Oracle CPU 2025-07 bsc1246595 - CVE-2025-30754: incomplete handshake may lead to weakening TLS protectio...
RLSA-2025:3852 Moderate: java-17-openjdk security update
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling CVE-2025-30698...
RLSA-2025:10867 Important: java-17-openjdk security update
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve HTTP client header handling CVE-2025-50059 JDK:...
java-1.8.0-openjdk security update
An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime...
java-21-openjdk security update
1:21.0.8.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.8.0.9-1.1 - Update to jdk-21.0.8+9 GA - Update release notes to 21.0.8+9 - Switch to GA mode - Sync the copy of the portable specfile with the latest update - This tarball is embargoed until 2025-07-15 @ 1pm PT. - Resolves:...
CLSA-2025-1753730595 java-17-openjdk: Fix of 25 CVEs
Update to jdk-17.0.15+6 - Set bundled freetype provide version to 2.13.2 - Set bundled harfbuzz provide version to 8.2.2 - Require tzdata-java 2025a at runtime and for build - CVE-2025-21502: fix Hotspot component vulnerability allowing unauthorized access to resources and exposure of sensitive...
java-17-openj9-17.0.16.0-1.1 on GA media (moderate)
java-17-openj9-17.0.16.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15391-1 Rating: moderate Cross-References: CVE-2025-30749 CVE-2025-50059 CVSS scores: CVE-2025-30749 SUSE : 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H CVE-2025-30749 SUSE : 8.3...
java-1_8_0-openj9-1.8.0.462-1.1 on GA media (moderate)
java-180-openj9-1.8.0.462-1.1 on GA media Announcement ID: openSUSE-SU-2025:15392-1 Rating: moderate Cross-References: CVE-2025-30749 CVE-2025-30761 CVSS scores: CVE-2025-30749 SUSE : 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H CVE-2025-30749 SUSE : 8.3...
java-11-openj9-11.0.28.0-1.1 on GA media (moderate)
java-11-openj9-11.0.28.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15390-1 Rating: moderate Cross-References: CVE-2025-30749 CVE-2025-30761 CVE-2025-50106 CVSS scores: CVE-2025-30749 SUSE : 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H CVE-2025-30749 SUSE : 8.3...
java-1.8.0-openjdk security update
1:1.8.0.462.b08-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.462.b08-1 - Update to 8u462-b08 GA - Update release notes for 8u462-b08. - Require tzdata 2025b due to upstream inclusion of JDK-8352716 - Add early backport of JDK-8339414 - Sync the copy of the portable specfile with the...
java-24-openjdk-24.0.2.0-1.1 on GA media (moderate)
java-24-openjdk-24.0.2.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15358-1 Rating: moderate Cross-References: CVE-2025-30749 CVE-2025-30754 CVE-2025-30761 CVE-2025-50059 CVE-2025-50106 CVSS scores: CVE-2025-30749 SUSE : 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H CVE-2025-30749 SUSE :...
Important: java-21-openjdk security update
The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve HTTP client header handling CVE-2025-50059 JDK: Better...
RHSA-2025:8431 Red Hat Security Advisory: java-1.8.0-ibm security update
Bulletin has no description...
SUSE-SU-2025:01788-1 Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 45. Security issues fixed: - Oracle April 15 2025 CPU bsc1242208 CVE-2025-21587: unauthorized access, deletion and modification of critical data via the JSSE component bsc1241274. CVE-2025-30691...
SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2025:01770-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01770-1 advisory. Update to Java 8.0 Service Refresh 8 Fix Pack 45. Security issues fixed: - Oracle April 15 2025 CPU bsc1242208 CVE-2025-21587: unauthorized...
openSUSE Security Advisory (SUSE-SU-2025:1525-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-17-openjdk (SUSE-SU-2025:1490-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1490-1 advisory. Update to upstream tag jdk-17.0.15+6 April 2025 CPU CVEs: + CVE-2025-21587: Fixed JSSE...