14450 matches found
CVE-2023-21835
CVE-2023-21835 affects Oracle Java SE and GraalVM Enterprise Edition (JSSE/DTLS handshake). An unauthenticated network attacker can exploit DTLS to cause a partial denial of service on affected Java runtimes. Affected: Oracle Java SE 11.0.17, 17.0.5, 19.0.1 and Oracle GraalVM EE 20.3.8, 21.3.4, 2...
CVE-2023-21835
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows...
CVE-2023-21830
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows...
CVE-2023-21830
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms January 2019 CPU (CVE-2018-1890, CVE-2019-2426)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.0 to 4.1.0.3. These issues were disclosed as part of the IBM Java SDK updates in January 2019. There are multiple vulnerabilities in IBM® SDK...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager (CVE-2018-2783, CVE-2018-2800)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in April 2018. These issues were also addressed by WebSphere Application Server...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms (CVE-2018-2783)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.0 to 4.1.0.3. These issues were disclosed as part of the IBM Java SDK updates in April 2018. There are multiple vulnerabilities in IBM® SDK Java...
Security Bulletin: A vulnerability in IBM Java SDK affects IBM Tivoli System Automation Application Manager (CVE-2017-10356)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 used by IBM Tivoli System Automation Application Manager. IBM Tivoli System Automation Application Manager has addressed the applicable CVEs. These issues were also addressed by WebSphere Application Server...
PT-2023-4769
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u351, 8u351-perf Oracle GraalVM Enterprise Edition versions 20.3.8, 21.3.4 Description The issue is related to the Serialization component in Oracle Java SE and Oracle GraalVM Enterprise Edition, allowing an...
PT-2023-3456
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1 Oracle GraalVM Enterprise Edition versions 20.3.8, 21.3.4, 22.3.0 Description A difficult to exploit vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition...
KLA20166 Multiple vulnerabilities in Oracle Java SE and GraalVM
Multiple vulnerabilities were found in Oracle Java SE and GraalVM. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in JSSE can be exploited to cause denial of...
Azul Zulu Java Multiple Vulnerabilities (2023-01-17)
The version of Azul Zulu installed on the remote host is prior to 6 6.53.0.12 / 7 7.59.0.18 / 8 8.67.0.22 / 11 11.61.18 / 13 13.53.18 / 15 15.45.18 / 17 17.39.20 / 19 19.32.14. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023-01-17 advisory. - Vulnerability in the...
Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to issue due to IBM® SDK, Java™ Technology Edition (CVE-2021-2163)
Summary IBM Sterling Partner Engagement Manager has addressed all applicable Java SE CVEs published by Oracle as part of their July 2022 Critical Patch Update. Vulnerability Details CVEID:CVE-2021-2163 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could...
Security Bulletin: Vulnerabilities in Java SE affect IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data
Summary Several vulnerabilities in Java SE affect IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data. Please see the vulnerability details and apply the suggested remediation/Fixes listed below. Vulnerability Details CVEID:CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in...
OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...
OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...
Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit...
FreeBSD : cassandra3 -- multiple vulnerabilities (53caf29b-9180-11ed-acbe-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 53caf29b-9180-11ed-acbe-b42e991fc52e advisory. - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI...
RHEL 8 : java-1.8.0-ibm (RHSA-2023:0128)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0128 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...