CLSA-2025-1753799434 java-1.8.0-openjdk: Fix of 19 CVEs

Security fixes from OpenJDK 8u452-b09: - CVE-2025-21587: JSSE issue allowing remote access or modification of sensitive data - CVE-2025-30698: allows limited data access and partial DoS via untrusted Java code - CVE-2025-30691: allows limited data access via untrusted code using compiler APIs -...

CVE-2023-22071

Vulnerability in the PL/SQL component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute on sys.utlhttp privilege with network access via Oracle Net to...

CVE-2023-21923

Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications component: Core. Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2021-2049

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: Administration. Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2025-30698

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle...

CVE-2023-43850

Improper input validation in the user management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to cause a partial DoS of web interface via HTTP POST request...

JDK: Unbounded allocation leads to out-of-memory error (8331446)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23;...

OESA-2024-2391 openjdk-1.8.0 security update

The OpenJDK runtime environment 8. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4,...

Medium: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...

SUSE: Security Advisory (SUSE-SU-2024:3802-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CBL Mariner 2.0 Security Update: mysql (CVE-2024-21237)

The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21237 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication GCS. Supported...

Oracle NoSQL Database (October 2024 CPU)

The 1.5.0, 20.3.40, 21.2.71, 22.3.45, 23.3.33, and 24.1.17 versions of NoSQL Database installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory. - Vulnerability in Oracle NoSQL Database component: Administration Netty. Supported versions...

OpenJDK 8 <= 8u422 / 11.0.0 <= 11.0.24 / 17.0.0 <= 17.0.12 / 21.0.0 <= 21.0.4 / 23.0.0 <= 23.0.0 Multiple Vulnerabilities (2024-10-15)

The version of OpenJDK installed on the remote host is 8 prior to 8u422 / 11.0.0 prior to 11.0.24 / 17.0.0 prior to 17.0.12 / 21.0.0 prior to 21.0.4 / 23.0.0 prior to 23.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024-10-15 advisory. Please Note: Java CVEs do...

CVE-2024-21248

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 7.0.22 and prior to 7.1.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVE-2024-21237

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication GCS. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple...

AZL-50454 CVE-2024-21231 affecting package mysql for versions less than 8.0.40-1

Vulnerability in the MySQL Server product of Oracle MySQL component: Client programs. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to...

CVE-2024-21217

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23;...

CVE-2024-21208

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23;...

CentOS 7 : java-1.7.1-ibm (RHSA-2021:3293)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3293 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected...

CVE-2024-21134

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Connection Handling. Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise...