Buffer overflow

Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications component: OBVAM Internal Tfr Domain. Supported versions that are affected are 14.5, 14.6 and 14.7. Difficult to exploit vulnerability allows high privileged attacker with network acce...

Design/Logic Flaw

Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications component: Core. Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CBL Mariner 2.0 Security Update: mysql (CVE-2022-21486)

The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-21486 advisory. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions th...

Medium: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...

K91117041: Oracle Java SE vulnerability CVE-2019-2745, CVE-2019-2762

Security Advisory Description CVE-2019-2745 Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructu...

K16496491: Multiple Java vulnerabilities

Security Advisory Description CVE-2020-2754 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated...

K02620788: OpenJDK vulnerabilities CVE-2019-2977, CVE-2019-2996, and CVE-2019-2975

Security Advisory Description CVE-2019-2977 Vulnerability in the Java SE product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

K71021401: Oracle Java SE vulnerability CVE-2018-2796

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows...

K62701550: Multiple Java vulnerabilities

Security Advisory Description CVE-2022-21248 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4...

K63415246: Multiple Java vulnerabilities CVE-2021-35560, CVE-2021-35561, CVE-2021-35564, CVE-2021-35567, CVE-2021-35586

Security Advisory Description CVE-2021-35560 Vulnerability in the Java SE product of Oracle Java SE component: Deployment. The supported version that is affected is Java SE: 8u301. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

SUSE CVE-2019-2977

Vulnerability in the Java SE product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of th...

SUSE CVE-2020-2654

Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...

EulerOS 2.0 SP8 : java-1.8.0-openjdk (EulerOS-SA-2023-1319)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported...

Debian dla-3307 : openjdk-11-dbg - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3307 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3307-1 [email protected]...

CVE-2023-21874

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

CVE-2023-21835

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows...

RHEL 8 : java-17-openjdk (RHSA-2023:0192)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0192 advisory. The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixe...

Oracle Linux 8 : java-11-openjdk (ELSA-2023-0200)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0200 advisory. 1:11.0.18.0.10-1 - Update to jdk-11.0.18+10 GA - Update release notes to 11.0.18+10 - Switch to GA mode for release - This tarball is embargoed until...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.1.8)

The version of AOS installed on the remote host is prior to 6.5.1.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.1.8 advisory. - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 - If Apache Tomcat 8.5.0...

SUSE SLES12 Security Update : libdb-4_8 (SUSE-SU-2022:4289-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4289-1 advisory. - CVE-2019-2708: Fixed partial DoS due to data store execution bsc1174414. Tenable has extracted the preceding description block directly fr...