Amazon Linux 2 : java-11-amazon-corretto (ALAS-2021-1718)
The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.13+8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1718 advisory. There is a flaw in the xml entity encoding functionality of libxml2. An attacker who is able to supply...
openSUSE 15 Security Update : java-1_8_0-openj9 (openSUSE-SU-2021:3615-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3615-1 advisory. - Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Support...
Important: java-11-amazon-corretto
Issue Overview: There is a flaw in the xml entity encoding functionality of libxml2. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to...
Security Bulletin: Vulnerability in Oracle, Java SE Affecting Watson Speech Services
Summary: A vulnerability in Oracle Java SE, within RedHat, affecting Watson Speech Services has been resolved. Vulnerability Details: CVEID: CVE-2021-2341. DESCRIPTION: An unspecified vulnerability in Java SE related to the Networking component could allow an unauthenticated attacker to obtain...
OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows...
Debian DSA-5000-1 : openjdk-11 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5000 advisory. Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak...
OpenJDK 7 <= 7u311 / 8 <= 8u302 / 11.0.0 <= 11.0.12 / 13.0.0 <= 13.0.8 / 15.0.0 <= 15.0.4 / 16.0.0 <= 16.0.2 Multiple Vulnerabilities (2021-10-19)
The version of OpenJDK installed on the remote host is prior to 7 <= 7u311 / 8 <= 8u302 / 11.0.0 <= 11.0.12 / 13.0.0 <= 13.0.8 / 15.0.0 <= 15.0.4 / 16.0.0 <= 16.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021-10-19 advisory. Please Note: Java CVEs do not always...
SUSE SLES12: java-11-openjdk / java-11-openjdk-demo / java-11-openjdk-devel / etc (SUSE-SU-2021:3528-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3528-1 advisory. Update to 11.0.13+8 October 2021 CPU - CVE-2021-35550, bsc1191901: Update the default enabled cipher suites preference -...
Improper Input Validation
Java SE is vulnerable to improper input validation. An attacker can gain access to sensitive information through the JSSE component in the Oracle GraalVM Enterprise Edition...
Improper Input Validation
Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the HotSpot component in the Oracle GraalVM Enterprise Edition...
Improper Input Validation
Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the ImageIO component in the Oracle GraalVM Enterprise Edition...
Improper Input Validation
Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the JSSE component in the Oracle GraalVM Enterprise Edition...
Improper Input Validation
Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the JSSE component in the Oracle GraalVM Enterprise Edition...
Improper Input Validation
Java SE is vulnerable to improper input validation. An attacker can manipulate data through the keytool component in Oracle GraalVM Enterprise Edition...
Improper Input Validation
Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the utility component in the Oracle GraalVM Enterprise Edition...
Improper Input Validation
Java SE is vulnerable to improper input validation. An attacker can gain access to sensitive information through the JSSE component in the Oracle GraalVM Enterprise Edition...
Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2021-2587)
The remote host is missing an update for the Huawei EulerOS...
OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...