MiracleLinux 9 : java-1.8.0-openjdk-1.8.0.362.b09-2.el9 (AXSA:2023-5054:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5054:05 advisory. OpenJDK: improper restrictions in CORBA deserialization Serialization, 8285021 CVE-2023-21830 OpenJDK: soundbank URL remote loading Sound, 8293742...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.422.b05-1.0.1.el7.AXS7 (AXSA:2024-8735:15)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8735:15 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK:...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.282.b08-1.el7 (AXSA:2021-1294:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1294:02 advisory. - Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.412.b08-1.el7 (AXSA:2024-7692:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7692:06 advisory. OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122...

MiracleLinux 8 : java-11-openjdk-11.0.23.0.9-3.el8 (AXSA:2024-7715:09)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7715:09 advisory. OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.292.b10-1.el7 (AXSA:2021-1701:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1701:06 advisory. OpenJDK: Incomplete enforcement of JAR signing disabled algorithms 8249906 CVE-2021-2163 Tenable has extracted the preceding description block directly from...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle January 2026 Critical Patch Update. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impac...

Important: Red Hat Security Advisory: Red Hat build of Cryostat security update

An update is now available for the Red Hat build of Cryostat 4 on RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Important: Red Hat Security Advisory: jmc security update

An update for jmc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations...

Important: Red Hat Security Advisory: jmc security update

An update for jmc is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations...

ALSA-2026:0752 Important: jmc security update

JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis of the extensive data collected by JDK Flight Recorder. The tool chain enables developers and administrators to collect and analyze data from Java applications...

RHEL 9 : jmc (RHSA-2026:0751)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:0751 advisory. JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis of the...

Yonyou KSOA SQL injection vulnerability

Yonyou KSOA is an enterprise-level management software developed by Yonyou Corporation in China. Version 9.0 of Yonyou KSOA contains a SQL injection vulnerability, which stems from incorrect handling of the parameter “catalogid” in the file/kmc/savecatalog.jsp. This vulnerability may lead to SQL...

MiracleLinux 7 : java-1.7.0-openjdk-1.7.0.99-2.6.5.0.1.el7.AXS7 (AXSA:2016-197:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-197:01 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2016-0636 RESERVED This candidate has been reserved by an organization or...

RHEL 9 : jmc (RHSA-2026:0752)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:0752 advisory. JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis of the...

MiracleLinux 3 : java-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.0.1.AXS3 (AXSA:2013-683:04)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-683:04 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2013-3829 Unspecified vulnerability in the Java SE, Java SE Embedded...

MiracleLinux 8 : java-11-openjdk-11.0.10.0.9-8.el8 (AXBA:2021-2043:09)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXBA:2021-2043:09 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java S...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.322.b06-1.el7 (AXSA:2022-3022:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3022:01 advisory. OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 OpenJDK: Insufficient URI checks in t...