SUSE SLES15: java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc (SUSE-SU-2023:2242-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2242-1 advisory. - Updated to version jdk8u372 icedtea-3.27.0: - CVE-2023-21930: Fixed an issue in the JSSE component that could allow...

SUSE SLES12: java-1_8_0-openjdk / java-1_8_0-openjdk-demo / etc (SUSE-SU-2023:2238-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2238-1 advisory. - Updated to version jdk8u372 icedtea-3.27.0: - CVE-2023-21930: Fixed an issue in the JSSE component that could allow an attacker t...

K000134636: Java vulnerabilities CVE-2018-2942 and CVE-2018-2938

Security Advisory Description CVE-2018-2942 Vulnerability in the Java SE component of Oracle Java SE subcomponent: Windows DLL. Supported versions that are affected are Java SE: 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

SUSE SLED15: java-11-openjdk / java-11-openjdk-demo / java-11-openjdk-devel / etc (SUSE-SU-2023:2222-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2222-1 advisory. Upgrade to upsteam tag jdk-11.0.19+7 April 2023 CPU: - CVE-2023-21930: Fixed AES support...

OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

Important: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficul...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.3)

The version of AOS installed on the remote host is prior to 6.5.3. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.3 advisory. - net/netfilter/nftablesapi.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escala...

Improper Input Validation

OpenJDK is vulnerable to Improper Input Validation. An attacker can update, insert or delete access to some of Oracle Java SE and Oracle GraalVM Enterprise Edition accessible data through multiple protocols...

Improper Input Validation

OpenJDK is vulnerable to Improper Input Validation. An attacker can update, insert or delete access to some of Oracle Java SE and Oracle GraalVM Enterprise Edition accessible data through multiple protocols...

Improper Input Validation

OpenJDK is vulnerable to Improper Input Validation. An attacker can update, insert or delete access to some of Oracle Java SE and Oracle GraalVM Enterprise Edition accessible data through multiple protocols...

The vulnerability of the Networking component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to manipulate data.

The vulnerability of the Networking component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine exists due to insufficient testing of input data. Exploiting this vulnerability allows a malicious actor to manipulate data remotely...

The vulnerability of the Swing component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to manipulate data.

The vulnerability of the Swing component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine exists due to insufficient testing of input data. Exploiting this vulnerability allows a remote attacker to manipulate data...

The vulnerability of the JSE component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a hacker to induce a service failure.

The vulnerability of the JSE component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, ...

The vulnerability of the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, ...

K000134579: OpenJDK vulnerabilities CVE-2019-2818 and CVE-2019-2821

Security Advisory Description CVE-2019-2818 Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

K000134570: OpenJDK vulnerability CVE-2023-21937

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5...

SUSE SLED15: java-17-openjdk / java-17-openjdk-demo / java-17-openjdk-devel / etc (SUSE-SU-2023:2110-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2110-1 advisory. Update to upstrem tag jdk-17.0.7+7 April 2023 CPU Security fixes: - CVE-2023-21930: Fixed AES...

SUSE SLES12: java-11-openjdk / java-11-openjdk-demo / java-11-openjdk-devel / etc (SUSE-SU-2023:2109-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2109-1 advisory. Upgrade to upsteam tag jdk-11.0.19+7 April 2023 CPU: - CVE-2023-21930: Fixed AES support bsc1210628. - CVE-2023-21937: Fixed String...

Security Bulletin: Oracle Java SE is vulnerable to CVE-2022-21271 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Oracle Java SE which is vulnerable to CVE-2022-21271. Vulnerability Details CVEID:CVE-2022-21271 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Libraries component could allow an unauthenticated attacker to...