Security Bulletin: Enterprise Content Managemant System Monitor for July 2025 - multiple CVEs

Summary Enterprise Content Management System Monitor is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details...

RHEL 10 / 9 : java-25-openjdk (RHSA-2026:0933)

The remote Redhat Enterprise Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0933 advisory. The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit. Security Fixe...

OPENSUSE-SU-2026:10092-1 java-17-openjdk-17.0.18.0-1.1 on GA media

These are all security issues fixed in the java-17-openjdk-17.0.18.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10091-1 java-11-openjdk-11.0.30.0-1.1 on GA media

These are all security issues fixed in the java-11-openjdk-11.0.30.0-1.1 package on the GA media of openSUSE Tumbleweed...

ALSA-2026:0932 Important: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

Important: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

MiracleLinux 8 : java-17-openjdk-17.0.18.0.8-1.el8 (AXSA:2026-079:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-079:02 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

DSA-6110-1 openjdk-17 - security update

Bulletin has no description...

SUSE CVE-2025-66566

yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is...

AlmaLinux 9 : java-17-openjdk (ALSA-2026:0927)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0927 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpn...

AlmaLinux 10 : java-21-openjdk (ALSA-2026:0928)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0928 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

Security Bulletin: Multiple vulnerabilities in Java SE affect IBM® Db2® Big SQL on IBM Cloud Pak for Data.

Summary Multiple vulnerabilities in Java SE 8 affect IBM® Db2® Big SQL 7 on IBM Cloud Pak for Data 4 & 5 Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality impact, ...

RHSA-2026:0928 Red Hat Security Advisory: java-21-openjdk security update

Bulletin has no description...

java-21-openjdk security update

An update is available for java-21-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environme...

SUSE CVE-2026-1225

ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...

IBM Java 7.1 < 7.1.5.29 / 8.0 < 8.0.8.60 Multiple Vulnerabilities

The version of IBM Java installed on the remote host is 7.1 prior to 7.1.5.29 / 8.0 prior to 8.0.8.60. It is, therefore, affected by multiple vulnerabilities as referenced in the Oracle January 20 2026 CPU advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM...

Oracle Essbase Information Disclosure Vulnerability (January 2026 CPU)

The version of Oracle Essbase installed on the remote host is missing a security patch from the January 2026 Critical Patch Update CPU. It is, therefore, affected by: - yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor...

RockyLinux 8 : java-17-openjdk (RLSA-2026:0927)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0927 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

Oracle Linux 10 / 8 / 9 : java-21-openjdk (ELSA-2026-0928)

The remote Oracle Linux 10 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0928 advisory. 1:21.0.10.0.7-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.10.0.7-1 - Update to jdk-21.0.10+7 GA - Update release notes to...

RockyLinux 8 : java-21-openjdk (RLSA-2026:0928)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0928 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...