
14454 matches found

Tenable Nessus
added 2021/11/05 12:0 a.m. | 37 views

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2021-1718)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.13+8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1718 advisory. There is a flaw in the xml entity encoding functionality of libxml2. An attacker who is able to supply...

CVSS 8.6 | AI score 7 | EPSS 0.14839
Exploits 0 | References 27

Tenable Nessus
added 2021/11/05 12:0 a.m. | 41 views

openSUSE 15 Security Update : java-1_8_0-openj9 (openSUSE-SU-2021:3615-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3615-1 advisory. - Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Support...

CVSS 7.5 | AI score 6.2 | EPSS 0.14839
Exploits 0 | References 46

Amazon
added 2021/11/04 12:0 a.m. | 70 views

Important: java-11-amazon-corretto

Issue Overview: There is a flaw in the xml entity encoding functionality of libxml2. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to...

CVSS 8.6 | AI score 6.6 | EPSS 0.14839
Exploits 0

IBM Security Bulletins
added 2021/11/03 8:54 p.m. | 27 views

Security Bulletin: Vulnerability in Oracle, Java SE Affecting Watson Speech Services

Summary: A vulnerability in Oracle Java SE, within RedHat, affecting Watson Speech Services has been resolved. Vulnerability Details: CVEID: CVE-2021-2341. DESCRIPTION: An unspecified vulnerability in Java SE related to the Networking component could allow an unauthenticated attacker to obtain...

CVSS 4.3 | AI score 1 | EPSS 0.04238
Exploits 0 | Affected Software 1

RedHat Linux
added 2021/11/02 10:21 a.m. | 5 views

OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows...

CVSS 4.3 | AI score 7.4 | EPSS 0.04238
Exploits 0 | References 4

Tenable Nessus
added 2021/11/02 12:0 a.m. | 229 views

Debian DSA-5000-1 : openjdk-11 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5000 advisory. Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak...

CVSS 7.1 | AI score 6.3 | EPSS 0.14839
Exploits 0 | References 23

Tenable Nessus
added 2021/10/28 12:0 a.m. | 107 views

OpenJDK 7 <= 7u311 / 8 <= 8u302 / 11.0.0 <= 11.0.12 / 13.0.0 <= 13.0.8 / 15.0.0 <= 15.0.4 / 16.0.0 <= 16.0.2 Multiple Vulnerabilities (2021-10-19

The version of OpenJDK installed on the remote host is prior to 7 <= 7u311 / 8 <= 8u302 / 11.0.0 <= 11.0.12 / 13.0.0 <= 13.0.8 / 15.0.0 <= 15.0.4 / 16.0.0 <= 16.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021-10-19 advisory. Please Note: Java CVEs do not always...

CVSS 7.1 | AI score 6.2 | EPSS 0.14839
Exploits 0 | References 12

Tenable Nessus
added 2021/10/28 12:0 a.m. | 62 views

SUSE SLES12: java-11-openjdk / java-11-openjdk-demo / java-11-openjdk-devel / etc (SUSE-SU-2021:3528-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3528-1 advisory. Update to 11.0.13+8 October 2021 CPU - CVE-2021-35550, bsc1191901: Update the default enabled cipher suites preference -...

CVSS 7.1 | AI score 6.5 | EPSS 0.14839
Exploits 0 | References 31

Veracode
added 2021/10/26 9:56 p.m. | 59 views

Improper Input Validation

Java SE is vulnerable to improper input validation. An attacker can gain access to sensitive information through the JSSE component in the Oracle GraalVM Enterprise Edition...

CVSS 3.7 | AI score 3.2 | EPSS 0.04104
Exploits 0 | References 16 | Affected Software 7

Veracode
added 2021/10/26 9:56 p.m. | 38 views

Improper Input Validation

Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the Hotspot component in the Oracle GraalVM Enterprise Edition...

CVSS 3.1 | AI score 5.8 | EPSS 0.03599
Exploits 0 | References 15 | Affected Software 3

Veracode
added 2021/10/26 9:55 p.m. | 51 views

Improper Input Validation

Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the ImageIO component in the Oracle GraalVM Enterprise Edition...

CVSS 5.3 | AI score 3.2 | EPSS 0.06322
Exploits 0 | References 16 | Affected Software 7

Veracode
added 2021/10/26 9:55 p.m. | 49 views

Improper Input Validation

Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the JSSE component in the Oracle GraalVM Enterprise Edition...

CVSS 5.3 | AI score 3.1 | EPSS 0.06218
Exploits 0 | References 17 | Affected Software 6

Veracode
added 2021/10/26 9:55 p.m. | 20 views

Improper Input Validation

Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the JSSE component in the Oracle GraalVM Enterprise Edition...

CVSS 5.3 | AI score 3.1 | EPSS 0.06886
Exploits 0 | References 21 | Affected Software 5

Veracode
added 2021/10/26 9:54 p.m. | 29 views

Improper Input Validation

Java SE is vulnerable to improper input validation. An attacker can manipulate data through the keytool component in Oracle GraalVM Enterprise Edition...

CVSS 5.3 | AI score 3.1 | EPSS 0.05241
Exploits 0 | References 22 | Affected Software 7

Veracode
added 2021/10/26 9:54 p.m. | 40 views

Improper Input Validation

Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the utility component in the Oracle GraalVM Enterprise Edition...

CVSS 5.3 | AI score 3.2 | EPSS 0.06468
Exploits 0 | References 21 | Affected Software 7

Veracode
added 2021/10/26 9:53 p.m. | 31 views

Improper Input Validation

Java SE is vulnerable to improper input validation. An attacker can gain access to sensitive information through the JSSE component in the Oracle GraalVM Enterprise Edition...

CVSS 5.9 | AI score 3.2 | EPSS 0.06868
Exploits 0 | References 21 | Affected Software 5

OpenVAS
added 2021/10/26 12:0 a.m. | 20 views

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2021-2587)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5 | AI score 6.7 | EPSS 0.04238
Exploits 0 | References 2

RedHat Linux
added 2021/10/25 12:24 p.m. | 5 views

OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

CVSS 5.3 | AI score 6.9 | EPSS 0.14839
Exploits 0 | References 4

RedHat Linux
added 2021/10/25 12:24 p.m. | 2 views

OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

CVSS 5.3 | AI score 6.9 | EPSS 0.07819
Exploits 0 | References 4

RedHat Linux
added 2021/10/25 12:24 p.m. | 3 views

OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

CVSS 5.3 | AI score 6.9 | EPSS 0.06322
Exploits 0 | References 4