MiracleLinux 7 : xmlrpc-3.1.3-9.el7 (AXSA:2018-3132:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3132:01 advisory. xmlrpc: Deserialization of untrusted Java object through tag CVE-2016-5003 Tenable has extracted the preceding description block directly from the MiracleLin...

MiracleLinux 4 : icedtea-web-1.6.2-1.0.1.AXS4 (AXSA:2016-504:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-504:01 advisory. The IcedTea-Web project provides a Java web browser plugin, an implementation of Java Web Start originally based on the Netx project and a settings...

MiracleLinux 7 : java-1.6.0-openjdk-1.6.0.39-1.13.11.0.0.1.el7.AXS7 (AXSA:2016-503:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-503:02 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2016-0686 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and...

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.241-2.6.20.0.AXS4 (AXSA:2019-4343:05)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4343:05 advisory. OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler Networking, 8223892 CVE-2019-2978 OpenJDK: Incorrect handling of HTTP proxy...

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.181-3.b13.AXS4 (AXSA:2018-3264:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3264:03 advisory. OpenJDK: insufficient index validation in PatternSyntaxException getMessage Concurrency, 8199547 CVE-2018-2952 Tenable has extracted the preceding descriptio...

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.121-0.b13.AXS4 (AXSA:2017-1272:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1272:02 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2016-5546 RESERVED This candidate has been reserved by an organization...

lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations...

Security Bulletin: Multiple security vulnerabilities in Java may affect IBM Robotic Process Automation

Summary Multiple security vulnerabilities in Java affect IBM Robotic Process Automation. Java is used by IBM Robotic Process Automation as part of metrics and licening, and UMS. This bulletin identifies the fixes required to address these vulnerabilities. Vulnerability Details CVEID:CVE-2025-5005...

Security Bulletin: Bouncy Castle for Java BC-FJA NativeLoader Resource Consumption Issue, affects watsonx.data

Summary Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Boun...

GoCD: Information Disclosure via Logback Configuration Injection in GoCD Agent

Summary The GoCD Agent's logging mechanism Logback allows for property substitution and custom configuration loading. By default, the config directory might not exist in the installation path. However, if an attacker creates this directory and places a specially crafted agent-launcher-logback.xml...

CVE-2026-0500

Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager WorkStation, an unauthenticated attacker could create a malicious JNLP Java Network Launch Protocol file accessible by a public facing URL. When a victim clicks on the URL the accessed Wily Introscope...

MiracleLinux 3 : xerces-j2-2.7.1-7jpp.2.3AXS3 (AXSA:2009-426:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-426:01 advisory. Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces...

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.43.1.10.6.AXS4 (AXSA:2012-315:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-315:02 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2011-3571 Unspecified vulnerability in the Virtual Desktop Infrastructu...

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.39.b17.AXS4 (AXSA:2011-61:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-61:02 advisory. The Java Platform Standard Edition Development Kit JDK includes both the runtime environment Java virtual machine, the Java platform classes and...

MiracleLinux 4 : sblim-cim-client2-2.1.3-2.AXS4 (AXSA:2012-596:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-596:01 advisory. The purpose of this package is to provide a CIM Client Class Library for Java applications. It complies to the DMTF standard CIM Operations over HTTP and...

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.AXS4 (AXSA:2011-485:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-485:03 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2011-0862 Multiple unspecified vulnerabilities in the Java Runtime...

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.AXS4 (AXSA:2012-662:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-662:03 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2012-1711 Unspecified vulnerability in the Java Runtime Environment JRE...

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.50.1.11.5.AXS4 (AXSA:2012-966:05)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-966:05 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2012-3216 Unspecified vulnerability in the Java Runtime Environment JRE...

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.42.1.10.4.AXS4 (AXSA:2012-13:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-13:01 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2011-3389 The SSL protocol, as used in certain configurations in Microso...

MiracleLinux 4 : icedtea-web-1.0.6-1.0.1.AXS4 (AXSA:2012-33:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-33:01 advisory. The IcedTea-Web project provides a Java web browser plugin, an implementation of Java Web Start originally based on the Netx project and a settings tool to...