Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control and Tivoli Storage Productivity Center (CVE-2017-3511, CVE-2017-10115, CVE-2017-10116)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in April and July 2017. Vulnerability Details CVEID: CVE-2017-35...

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Spectrum Control and Tivoli Storage Productivity Center (CVE-2016-3485)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in July 2016. Vulnerability Details CVEID: CVE-2016-3485...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Spectrum Control and Tivoli Storage Productivity Center (CVE-2016-5597 CVE-2016-5546 CVE-2016-5548 CVE-2016-5549 CVE-2016-5547 CVE-2016-2183)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Technology Edition that is shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in October...

Medium: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2022-1753)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.14+9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1753 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

PT-2022-2363

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition versions 20.3.5, 21.3.1, 22.0.0.2 Description The issue is related to insufficient protection of sensitive data in the Libraries component of Oracle Ja...

Amazon Linux 2 : java-17-amazon-corretto (ALAS-2022-1752)

The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.2+8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1752 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

Debian DLA-2917-1 : openjdk-8 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2917 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected a...

vulhub

This is an offensive tool repository for vulnerability research and exploitation. It is a collection of vulnerable environments and exploits for various software and frameworks, including CouchDB, FFmpeg, Git, and others. The repository is maintained by Vulhub, a community-driven project for...

Rocky Linux 8 : java-1.8.0-openjdk (RLSA-2021:3893)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3893 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Ja...

Rocky Linux 8 : java-1.8.0-openjdk (RLSA-2022:307)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:307 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are...

Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware (CVE-2017-10356)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for VMware. These issues were disclosed as part of the IBM Java SDK updates in October 2017. Vulnerability Details CVEID: CVE-2017-10356...

Debian DSA-5058-1 : openjdk-17 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5058 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected...

Debian DSA-5057-1 : openjdk-11 - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5057 advisory. Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, bypass of deserialization restrictions or...

Denial Of Service (DoS)

openjdk17 is vulnerable to denial of service. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle...

Denial Of Service (DoS)

openjdk is vulnerable to denial of service. It allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of servi...

Denial Of Service (DoS)

Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries is vulnerable to denial of service. It allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of...

Denial Of Service (DoS)

openjdk is vulnerable to denial of service. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to...

Remote Code Execution (RCE)

openjdk17 is vulnerable to remote code execution. It allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to...