1214 matches found

Tenable Nessus
added 2025/03/04 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2018-2795

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE:...

CVSS 5.3 | AI score 5.3 | EPSS 0.00179 | Exploits 0 | References 2

Tenable Nessus
added 2025/03/04 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-10356

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE:...

CVSS 6.2 | AI score 6.7 | EPSS 0.00701 | Exploits 0 | References 3

CNNVD
added 2025/02/10 12:0 a.m. | 2 views

Netty Resource Management Error Vulnerability

Netty is a non-blocking I/O client-server framework from the Netty community, which is primarily used to develop Java web applications such as protocol servers and clients. A resource management error vulnerability exists in Netty 4.1.118.Final and earlier versions, which stems from a non-existen...

CVSS 5.5 | AI score 6.7 | EPSS 0.00096 | Exploits 0 | References 3

Mageia
added 2025/02/07 7:45 p.m. | 45 views

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerability

A difficult to exploit vulnerability allows unauthenticated attackers with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can b...

CVSS 4.8 | AI score 6.3 | EPSS 0.002 | Exploits 0 | References 5

Tenable Nessus
added 2025/01/21 12:0 a.m. | 25 views

RHEL 8 / 9 : Red Hat JBoss Web Server 6.0.5 (RHSA-2025:0342)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0342 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache...

CVSS 9.8 | AI score 8.5 | EPSS 0.84776 | Exploits 12 | References 6

Debian
added 2025/01/16 11:28 p.m. | 24 views

[SECURITY] [DLA 4017-1] tomcat9 security update

Debian LTS Advisory DLA-4017-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 17, 2025 https://wiki.debian.org/LTS Package : tomcat9 Version : 9.0.43-2deb11u11 CVE ID : CVE-2024-21733 CVE-2024-38286 CVE-2024-50379 CVE-2024-52316 CVE-2024-56337 Several...

CVSS 9.8 | AI score 7 | EPSS 0.84776 | Exploits 16

Gitee
added 2024/12/11 11:9 p.m. | 120 views

vulnerability scanner

This is a Java-based web vulnerability scanner. The tool is classified as an offensive tool for web vulnerability scanning. The primary vulnerability being targeted is not explicitly stated, but based on the code and metadata, it appears to be a web application scanner that can perform SQL...

AI score 7.6 | Exploits 0

CNNVD
added 2024/12/11 12:0 a.m. | 4 views

Apache Struts Security Vulnerability

Apache Struts is an open source project of the Apache Foundation (United States): an open source MVC framework for creating enterprise-class Java web applications, provided mainly in two versions, Struts 1 and Struts 2. Apache Struts has a file upload...

CVSS 9.8 | AI score 8.2 | EPSS 0.93188 | Exploits 15 | References 4

OSV
added 2024/11/15 12:20 p.m. | 2 views

OESA-2024-2419 undertow security update

Java web server using non-blocking IO. Security Fixes: A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory. CVE-2023-19...

CVSS 7.5 | AI score 6.7 | EPSS 0.00727 | Exploits 0 | References 2

RedHat Linux
added 2024/10/16 3:12 p.m. | 4 views

JDK: Array indexing integer overflow (8328544)

Vulnerability in Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

CVSS 3.7 | AI score 7.4 | EPSS 0.00144 | Exploits 0 | References 4

AlpineLinux
added 2024/10/15 7:52 p.m. | 21 views

CVE-2024-21208

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23;...

CVSS 3.7 | AI score 4.6 | EPSS 0.00054 | Exploits 0

OSV
added 2024/10/14 4:15 p.m. | 2 views

UBUNTU-CVE-2024-6763

Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine. It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs from the common browser...

CVSS 5.3 | AI score 7.1 | EPSS 0.01189 | Exploits 1 | References 4

Tenable Nessus
added 2024/10/09 12:0 a.m. | 18 views

CentOS 7 : java-1.7.1-ibm (RHSA-2020:3388)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3388 advisory. - In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or...

CVSS 8.3 | AI score 6.6 | EPSS 0.01018 | Exploits 0 | References 10

RedHat Linux
added 2024/08/06 11:7 a.m. | 20 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 6.0.3 release and security update

Red Hat JBoss Web Server 6.0.3 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a...

CVSS 8.6 | AI score 6.8 | EPSS 0.2198 | Exploits 0 | References 4

Tenable Nessus
added 2024/08/06 12:0 a.m. | 36 views

RHEL 8 / 9 : Red Hat JBoss Web Server 6.0.3 (RHSA-2024:4976)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4976 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the...

CVSS 8.6 | AI score 7.6 | EPSS 0.2198 | Exploits 0 | References 7

UbuntuCve
added 2024/07/31 12:0 a.m. | 19 views

CVE-2024-21144

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability...

CVSS 3.7 | AI score 6.8 | EPSS 0.00048 | Exploits 0 | References 7

OpenVAS
added 2024/07/17 12:0 a.m. | 16 views

Oracle OpenJDK 8.x - 11.x Vulnerability (Jul 2024)

Oracle OpenJDK is prone to a vulnerability in the core-libs/java.util component. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 3.7 | AI score 6.2 | EPSS 0.00048 | Exploits 0 | References 2

RedhatCVE
added 2024/07/16 11:25 p.m. | 33 views

CVE-2024-21138

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0....

CVSS 3.7 | AI score 5.8 | EPSS 0.00333 | Exploits 0 | References 3

Tenable Nessus
added 2024/04/23 12:0 a.m. | 31 views

Debian dsa-5672 : openjdk-17-dbg - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5672 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...

CVSS 3.7 | AI score 6.5 | EPSS 0.00669 | Exploits 0 | References 11

OSV
added 2024/04/16 10:15 p.m. | 2 views

DEBIAN-CVE-2024-21011

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracl...

CVSS 3.7 | AI score 5.2 | EPSS 0.00339 | Exploits 0 | References 1