MiracleLinux 8 : java-21-openjdk-21.0.9.0.10-1.el8.ML.1 (AXSA:2025-11029:17)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11029:17 advisory. JDK: Enhance Path Factories CVE-2025-53066 JDK: Enhance Certificate Handling CVE-2025-53057 JDK: Enhance String Handling CVE-2025-61748 Tenable has...

MiracleLinux 7 : java-11-openjdk-11.0.28.0.6-1.0.1.el7.AXS7 (AXSA:2025-10837:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10837:04 advisory. JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve scripting supports CVE-2025-30761 JDK: Impro...

MiracleLinux 7 : java-11-openjdk-11.0.29.0.7-1.0.1.el7.AXS7 (AXSA:2025-11568:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11568:05 advisory. Upgrade to openjdk-11.0.29+7 GA. CVEs: CVE-2025-53066 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Editio...

MiracleLinux 8 : java-21-openjdk-21.0.7.0.6-1.el8.ML.1 (AXSA:2025-9872:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9872:06 advisory. JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.462.b08-2.el8 (AXSA:2025-10573:11)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10573:11 advisory. JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve scripting supports CVE-2025-30761 JDK: Bette...

MiracleLinux 9 : java-21-openjdk-21.0.9.0.10-1.el9.ML.1 (AXSA:2025-11028:16)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11028:16 advisory. JDK: Enhance Path Factories CVE-2025-53066 JDK: Enhance Certificate Handling CVE-2025-53057 JDK: Enhance String Handling CVE-2025-61748 Tenable has...

MiracleLinux 8 : java-17-openjdk-17.0.16.0.8-2.el8 (AXSA:2025-10574:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10574:10 advisory. JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve HTTP client header handling CVE-2025-50059...

MiracleLinux 9 : java-17-openjdk-17.0.14.0.7-2.el9.ML.1 (AXSA:2025-9583:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9583:02 advisory. JDK: Enhance array handling CVE-2025-21502 Bug Fixes: The Red Hat OpenJDK packages rely on the copy-jdk-configs package to transfer configuration files to a...

MiracleLinux 9 : java-21-openjdk-21.0.7.0.6-1.el9.ML.1 (AXSA:2025-9870:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9870:05 advisory. JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling...

MiracleLinux 8 : java-21-openjdk-21.0.8.0.9-1.el8.ML.1 (AXSA:2025-10611:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10611:10 advisory. JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve HTTP client header handling CVE-2025-50059...

MiracleLinux 8 : java-17-openjdk-17.0.17.0.10-1.el8 (AXSA:2025-11017:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11017:16 advisory. JDK: Enhance Path Factories CVE-2025-53066 JDK: Enhance Certificate Handling CVE-2025-53057 Tenable has extracted the preceding description block...

lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations...

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10 for Quarkus 3.20 update is now available (RHBQ 3.20.4.SP1)

An update for Red Hat Build of Apache Camel 4.10 for Quarkus 3.20 update is now available RHBQ 3.20.4.SP1. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...

lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations...

CVE-2025-69275 Spectrum outdated java library in class-path

Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS.This issue affects DX NetOps Spectrum: 24.3.9 and earlier...

CVE-2025-69275 Spectrum outdated java library in class-path

Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS.This issue affects DX NetOps Spectrum: 24.3.9 and earlier...

CVE-2025-69275

The CVE describes a dependency on a vulnerable third-party component in Broadcom DX NetOps Spectrum, affecting version 24.3.9 and earlier, on Windows and Linux. The underlying issue is DOM-Based XSS triggered by the vulnerable component in the product’s runtime environment. Impact is limited to t...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Vulnerability Detection and Exploitation Tool...

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects IBM® Db2®. (Oct 2025 CPU)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.1.5.26 and earlier, 8.0.8.50 and earlier, and IBM Semeru Version 21.0.8.0 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in October 2025. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager (CVE-2025-53066, CVE-2025-53057).

Summary Multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 17, used by IBM Tivoli Network Manager IP Edition v4.2 core components. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote...