Security Bulletin: Multiple vulnerabilities in the IBM SDK for Java™ Technology Edition April 2015 CPU affect WebSphere Process Server

Summary There are multiple vulnerabilities in IBM SDK for Java™ Technology Edition that is used by WebSphere Process Server. These issues were disclosed as part of the IBM SDK for Java Technology Edition updates in April 2015. Vulnerability Details CVEID: CVE-2015-0488 DESCRIPTION: An unspecified...

Amazon Linux 2 : java-1.7.0-openjdk (ALAS-2022-1835)

The version of java-1.7.0-openjdk installed on the remote host is prior to 1.7.0.321-2.6.28.2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1835 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

Exploit for SQL Injection in Zabbix

This is a comprehensive and well-structured vulnerability hub repository. Here's a concise analysis of the provided information: Classification: It is an offensive tool for various vulnerability exploitation and testing purposes. CVE IDs: The repository contains references to several CVE IDs,...

Important: java-1.7.0-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...

Important: java-11-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily...

Important: java-1.7.0-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2022-1633)

The version of java-1.7.0-openjdk installed on the remote host is prior to 1.7.0.321-2.6.28.1.86. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1633 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

SUSE SLES12: java-1_8_0-ibm / java-1_8_0-ibm-alsa / java-1_8_0-ibm-devel / etc (SUSE-SU-2022:3152-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3152-1 advisory. Note: the issues listed below were NOT fixed with the previous update 8.0-7.11. - Update to Java 8.0 Service Refresh 7 Fix Pack 15...

Security Bulletin: Multiple vulnerabilities have been identified in Oracle April 2022 CPU for Java 8 shipped with IBM® Intelligent Operations Center(CVE-2022-21496, CVE-2022-21434, CVE-2022-21443)

Summary Multiple vulnerabilities have been identified in Oracle April 2022 CPU for Java 8 shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability...

Security Bulletin: Multiple vulnerabilities have been identified in Oracle October 2021 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564, CVE-2021-35559, CVE)

Summary Multiple vulnerabilities have been identified in Oracle October 2021 CPU for Java 8 which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs...

Amazon Linux 2022 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2022-2022-112)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-112 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.1.5)

The version of AOS installed on the remote host is prior to 6.5.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.1.5 advisory. - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authenticati...

Amazon Linux 2022 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2022-2022-111)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-111 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an...

Amazon Linux 2022 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2022-2022-121)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-121 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an...

Amazon Linux 2022 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2022-2022-119)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-119 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an...

Amazon Linux 2022 : java-latest-openjdk, java-latest-openjdk-demo, java-latest-openjdk-devel (ALAS2022-2022-037)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-037 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311,...

Amazon Linux 2022 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2022-2022-113)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-113 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an...

Amazon Linux 2022 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2022-2022-120)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-120 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an...

Amazon Linux 2022 : java-11-openjdk, java-11-openjdk-demo, java-11-openjdk-devel (ALAS2022-2022-047)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-047 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311,...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.11.2.1)

The version of AOS installed on the remote host is prior to 5.11.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.11.2.1 advisory. - In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and...