OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0....

RHEL 6 : oracle_jdk (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Oracle JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 Security CVE-2018-2783 -...

Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2023-426)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-426 advisory. 2023-11-09: CVE-2023-22081 was added to this advisory. 2023-11-09: CVE-2023-22067 was added to this advisory. An issue was discovered in function ciMethodBlocks::makeblockat in Oracle JDK HotSp...

AlmaLinux 9 : java-1.8.0-openjdk (ALSA-2023:5733)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5733 advisory. OpenJDK: segmentation fault in ciMethodBlocks CVE-2022-40433 OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 OpenJDK: certificate path...

AlmaLinux 8 : java-1.8.0-openjdk (ALSA-2023:5731)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5731 advisory. OpenJDK: segmentation fault in ciMethodBlocks CVE-2022-40433 OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 OpenJDK: certificate path...

Code injection

An issue was discovered in function ciMethodBlocks::makeblockat in Oracle JDK HotSpot VM 11, 17 and OpenJDK HotSpot VM 8, 11, 17, allows attackers to cause a denial of service. Note: Vendor states that this to is Defense in Depth at most due to the nature of the issue and the special circumstance...

CVE-2022-40433

CVE-2022-40433 is rejected by its CNA as not a security issue.

CVE-2022-40433

DISPUTED An issue was discovered in function ciMethodBlocks::makeblockat in Oracle JDK HotSpot VM 11, 17 and OpenJDK HotSpot VM 8, 11, 17, allows attackers to cause a denial of service. Note: Vendor states that this to is Defense in Depth at most due to the nature of the issue and the special...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-11-openjdk (SUSE-SU-2023:3287-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3287-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK...

PT-2023-13790 · Oracle +5 · Oracle Jdk +5

Name of the Vulnerable Software and Affected Versions: Oracle JDK HotSpot VM versions 11 through 17 OpenJDK HotSpot VM versions 8 through 17 Description: An issue was discovered in the function ciMethodBlocks::make block at, allowing attackers to cause a denial of service. The vendor states that...

Security Bulletin: Multiple vulnerabilities in current IBM SDK for Java for WebSphere Application Server October 2013 CPU

Abstract Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server Content The IBM WebSphere Application Server is shipped with an IBM SDK for Java that is based on the Oracle JDK. Oracle has released October 2013 critical patch updates...

Security Bulletin: WebSphere Application Server - IBM SDK for Java June 2013 CPU

Abstract Multiple security vulnerabilites exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server. Content The IBM WebSphere Application Server is shipped with an IBM SDK for Java that is based on the Oracle JDK. Oracle has released June 2013 critical patch updates CPU...

GLSA-202209-15 : Oracle JDK/JRE: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202209-15 Oracle JDK/JRE: Multiple vulnerabilities - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java S...

Security Bulletin: Potential security vulnerabilities in IBM Java SDK used in IBM System Networking Element Manager

Summary Potential security exposure when using the Java based applications bundled in IBM System Networking Element Manager due to vulnerabilities in Java Software Developer Kits. See Vulnerability Details for CVE IDs. Vulnerability Details IBM System Networking Element Manager is bundled with th...

Security Bulletin: Tivoli Storage Productivity Center - Oracle CPU February 2012, June 2012

Summary Multiple security vulnerabilities exist in the IBM Java SDK that is shipped with IBM Tivoli Storage Productivity Center. Vulnerability Details IBM Tivoli Storage Productivity Center 4.x is shipped with an IBM Java SDK that is based on the Oracle JDK. Oracle released February 2012 and Apri...

Security Bulletin: Tivoli Storage Productivity Center - Oracle CPU February 2013, April 2013

Summary Multiple security vulnerabilities exist in the IBM Java SDK that is shipped with IBM Tivoli Storage Productivity Center. Vulnerability Details IBM Tivoli Storage Productivity Center 5.x and 4.x are shipped with an IBM Java SDK that is based on the Oracle JDK. Oracle released February 2013...

RHEL 7 : java-1.8.0-ibm (RHSA-2021:5030)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5030 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

Moderate: Red Hat Security Advisory: java-1.7.1-ibm security update

An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 7 : java-1.7.1-ibm (RHSA-2021:3293)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3293 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

Security Bulletin: Security vulnerability in IBM Jazz Team Server affects multiple IBM Rational products based on IBM Jazz technology (CVE-2014-2421, CVE-2013-6954, CVE-2013-6629, CVE-2014-0411, CVE-2014-0416)

Summary Security vulnerabilities have been identified in the IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational Requirements Composer RRC, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manage...