10 matches found
USN-7997-1 openjdk-17-crac vulnerabilities
It was discovered that the RMI component of CRaC JDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
MiracleLinux 8 : java-17-openjdk-17.0.15.0.6-2.el8 (AXSA:2025-9892:08)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9892:08 advisory. JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling...
RockyLinux 10 : java-25-openjdk (RLSA-2025:21485)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:21485 advisory. JDK: Enhance Path Factories CVE-2025-53066 JDK: Enhance Certificate Handling CVE-2025-53057 JDK: Enhance String Handling CVE-2025-61748 Tenable has...
EUVD-2023-2849
Malicious code in bioql PyPI...
Ubuntu 25.04 : CRaC JDK 21 vulnerabilities (USN-7673-1)
The remote Ubuntu 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7673-1 advisory. It was discovered that the 2D component of CRaC JDK 21 did not properly manage memory under certain circumstances. An attacker could possibly use this issue ...
Ubuntu 24.10 / 25.04 : CRaC JDK 21 vulnerabilities (USN-7531-1)
The remote Ubuntu 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7531-1 advisory. Alicja Kario discovered that the JSSE component of CRaC JDK 21 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain...
USN-7339-1: CRaC JDK 21 vulnerabilities
Andy Boothe discovered that the Networking component of CRaC JDK 21 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. CVE-2024-21208 It was discovered that the Hotspot component of CRaC JDK 21 did no...
Ubuntu 24.10 : CRaC JDK 17 vulnerabilities (USN-7338-1)
The remote Ubuntu 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7338-1 advisory. Andy Boothe discovered that the Networking component of CRaC JDK 17 did not properly handle access under certain circumstances. An unauthenticated attacker...
RockyLinux 8 / 9 : java-1.8.0-openjdk (RLSA-2024:8117)
The remote RockyLinux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:8117 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-2121...
CVE-2008-3111
Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by a an application that grants itself...