CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

92 matches found

RedHat Linux•added 2026/02/04 5:16 a.m.•1 views

lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations...

8.2CVSS5.9AI score0.00066EPSS

Exploits0References6

RedHat Linux•added 2026/02/04 5:16 a.m.•0 views

lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure

A flaw was found in lz4-java. This vulnerability allows remote attackers to cause denial of service DoS and read adjacent memory via untrusted compressed input. This vulnerability affects only programs using the unsafe LZ4decompressfast API, known as the "fast" decompressor...

8.8CVSS5.8AI score0.00103EPSS

Exploits0References6

RedHat Linux•added 2026/02/04 4:47 a.m.•4 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.4 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7.1AI score0.00103EPSS

Exploits0References22

RedHat Linux•added 2026/02/04 4:47 a.m.•0 views

lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

8.2CVSS5.9AI score0.00066EPSS

Exploits0References6

RedHat Linux•added 2026/02/04 4:47 a.m.•0 views

lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure

8.8CVSS5.8AI score0.00103EPSS

Exploits0References6

Tenable Nessus•added 2026/02/04 12:0 a.m.•4 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 8.1.4 (RHSA-2026:1870)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1870 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release o...

8.8CVSS5.6AI score0.00103EPSS

Exploits0References27

Tenable Nessus•added 2026/02/04 12:0 a.m.•2 views

RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.1.4 (RHSA-2026:1871)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1871 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release o...

8.8CVSS7.3AI score0.00103EPSS

Exploits0References27

Tenable Nessus•added 2026/02/04 12:0 a.m.•2 views

RHEL 9 : JMC update (Important) (RHSA-2026:1823)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:1823 advisory. JDK Mission Control JMC is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis of the...

8.2CVSS5.5AI score0.00066EPSS

Exploits0References4

RedHat Linux•added 2026/02/03 1:51 p.m.•1 views

lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

8.2CVSS5.9AI score0.00066EPSS

Exploits0References6

IBM Security Bulletins•added 2026/02/02 12:48 p.m.•7 views

Security Bulletin: There is a vulnerability in lz4-java-1.8.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-66566)

Summary There is a vulnerability in lz4-java-1.8.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-66566 DESCRIPTION: yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based...

8.2CVSS5.7AI score0.00066EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/02/02 12:5 p.m.•9 views

Security Bulletin: There is a vulnerability in lz4-java-1.7.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-12183)

Summary There is a vulnerability in lz4-java-1.7.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of...

8.8CVSS5.5AI score0.00103EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/01/30 5:46 a.m.•8 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses lz4-java-1.8.0.jar which is vulnerable to CVE-2025-12183, CVE-2025-66566.

Summary IBM Maximo Application Suite - Monitor Component uses lz4-java-1.8.0.jar which is vulnerable to CVE-2025-12183, CVE-2025-66566. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-66566 DESCRIPTION: yawkat LZ4 Java provides...

8.8CVSS6AI score0.00103EPSS

Exploits0Affected Software1

Tenable Nessus•added 2026/01/23 12:0 a.m.•5 views

Oracle Essbase Information Disclosure Vulnerability (January 2026 CPU)

The version of Oracle Essbase installed on the remote host is missing a security patch from the January 2026 Critical Patch Update CPU. It is, therefore, affected by: - yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor...

8.2CVSS7.5AI score0.00066EPSS

Exploits0References3

Rockylinux•added 2026/01/21 9:4 a.m.•3 views

jmc security update

An update is available for jmc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced s...

8.2CVSS5.7AI score0.00066EPSS

Exploits0

Tenable Nessus•added 2026/01/21 12:0 a.m.•3 views

MiracleLinux 9 : jmc-8.2.0-18.el9_7.2 (AXSA:2026-058:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-058:01 advisory. lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing CVE-2025-66566 Tenable has extracted the preceding description block direct...

8.2CVSS7.4AI score0.00066EPSS

Exploits0References2

Tenable Nessus•added 2026/01/21 12:0 a.m.•2 views

RockyLinux 9 : jmc (RLSA-2026:0752)

The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2026:0752 advisory. lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing CVE-2025-66566 Tenable has extracted the preceding description block directly...

8.2CVSS7.5AI score0.00066EPSS

Exploits0References3

Tenable Nessus•added 2026/01/21 12:0 a.m.•2 views

AlmaLinux 9 : jmc (ALSA-2026:0752)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:0752 advisory. lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing CVE-2025-66566 Tenable has extracted the preceding description block directly fr...

8.2CVSS7.5AI score0.00066EPSS

Exploits0References3

RedHat Linux•added 2026/01/19 3:34 a.m.•4 views

Important: Red Hat Security Advisory: Red Hat build of Cryostat security update

An update is now available for the Red Hat build of Cryostat 4 on RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

8.2CVSS6.6AI score0.00066EPSS

Exploits1References3

RedHat Linux•added 2026/01/19 1:17 a.m.•2 views

lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

8.2CVSS5.9AI score0.00066EPSS

Exploits0References6

RedHat Linux•added 2026/01/19 1:17 a.m.•4 views

Important: Red Hat Security Advisory: jmc security update

An update for jmc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

8.2CVSS7.2AI score0.00066EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by