CVE-2026-24794 Chunk Unloading Security Vulnerability in CardboardPowered/cardboard

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in CardboardPowered cardboard src/main/java/org/cardboardpowered/impl/world modules. This vulnerability is associated with program files WorldImpl.Java. This issue affects cardboard: before 1.21.4...

EUVD-2026-4716

Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager app/src/main/java/org/apache/commons/compress/archivers/tar modules. This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4...

CVE-2026-1464 A possible integer overflow vulnerability in RawTherapee/RawTherapee

Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager app/src/main/java/org/apache/commons/compress/archivers/tar modules. This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4...

CVE-2026-1464

CVE-2026-1464 describes an Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager, specifically in the tar utilities (app/src/main/java/org/apache/commons/compress/archivers/tar modules, TarUtils.Java). The issue affects AppManager versions before 4.0.4. Connected records reiter...

K000159716: Oracle Java SE vulnerability CVE-2026-21947

Security Advisory Description Vulnerability in Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u471-b50. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successf...

Quick-Media security vulnerabilities

Quick-Media is a multimedia service software developed by YiHui’s individual developers. Versions of Quick-Media prior to v1.0 contained security vulnerabilities. These vulnerabilities stemmed from improper encryption signature verification in the image encoding and decoding component...

PT-2026-4875

Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...

OpenJDK 8 <= 8u472 / 11.0.0 <= 11.0.29 / 17.0.0 <= 17.0.17 / 21.0.0 <= 21.0.9 / 25.0.0 <= 25.0.1 Multiple Vulnerabilities (2026-01-20)

The version of OpenJDK installed on the remote host is 8 prior to 8u472 / 11.0.0 prior to 11.0.29 / 17.0.0 prior to 17.0.17 / 21.0.0 prior to 21.0.9 / 25.0.0 prior to 25.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 2026-01-20 advisory. Please Note: Java CVEs do...

weixin4j security vulnerabilities

Weixin4j is a WeChat development toolkit personally developed by Jinyu. Weixin4j has security vulnerabilities, which stem from improper control over sequential memory allocation in the program files CharArrayBuffer.Java and ClassUtil.Java...

java-21-openjdk-21.0.10.0-1.1 on GA media (moderate)

java-21-openjdk-21.0.10.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10093-1 Rating: moderate Cross-References: CVE-2026-21925 CVE-2026-21932 CVE-2026-21933 CVE-2026-21945 CVSS scores: CVE-2026-21925 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-21932 SUSE : 7.4...

PT-2026-4863

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in CardboardPowered cardboard src/main/java/org/cardboardpowered/impl/world modules. This vulnerability is associated with program files WorldImpl.Java. This issue affects cardboard: before 1.21.4...

RockyLinux 8 : java-1.8.0-openjdk (RLSA-2026:0932)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0932 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

java-11-openjdk-11.0.30.0-1.1 on GA media (moderate)

java-11-openjdk-11.0.30.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10091-1 Rating: moderate Cross-References: CVE-2026-21925 CVE-2026-21932 CVE-2026-21933 CVE-2026-21945 CVSS scores: CVE-2026-21925 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-21932 SUSE : 7.4...

java-1.8.0-openjdk security update

1.8.0.482.b08-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.482.b08-1 - Update to 8u482-b08 GA. - Update release notes for 8u482-b08. - Remove generated-configure.sh changes from JDK-8141590 & FIPS patch as we already autogenerate this - Turn on system FreeType as on later JDK versio...

Cardboard security vulnerabilities

Cardboard is an open-source module development interface created by Bukkit for Fabric. Versions of cardboard prior to 1.21.4 contained security vulnerabilities. These vulnerabilities stemmed from improper restrictions on memory buffer operations, which could allow vulnerabilities in the program...

App Manager security vulnerability

App Manager is an Android package manager and viewer developed by Muntashir Al-Islam as a personal project. Versions of App Manager prior to 4.0.4 contained security vulnerabilities, which were caused by integer overflows or circular errors in the TarUtils.Java files...

TIS security vulnerabilities

TIS is an agile code development platform open source by Datavane. Versions of TIS prior to v4.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the program file XmlFile.Java, which allowed unlimited uploading of dangerous type files and untrusted data deserialization...

Oracle Java SE Updates (July 2025)

Oracle Java SE Multiple Vulnerabilities July 2025 CVE-2025-50059 CVE-2025-30749 CVE-2025-50106 CVE-2025-23166 CVE-2025-30754...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and WebSphere Application Server Liberty due to the January 2026 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVEs listed in this document might affect some configurations of IBM WebSphere Application Server traditiona...

openjdk: Enhance Certificate Checking (Oracle CPU 2026-01)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 an...