From Detection to Remediation: It’s Time to Rethink AppSec Around Exploitability and Root Cause Fixes

Learn how Wiz is fundamentally changing AppSec by using the Security Graph to connect validated runtime vulnerabilities directly back to source code. Stop chasing alerts and fix what’s truly exploitable...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2023-6206:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6206:01 advisory. golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang: cmd/go: go command may execute arbitrary...

MiracleLinux 8 : dotnet6.0-6.0.118-1.el8.ML.1 (AXSA:2023-6205:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6205:16 advisory. dotnet: .NET Kestrel: Denial of Service processing X509 Certificates CVE-2023-29331 dotnet: vulnerability exists in NuGet where a potential race...

Security Bulletin: IBM DataPower Gateway affected by vulnerabilities in Java Runtime Environment

Summary While IBM DataPower Gateway does not use Java, some bundled components do, and the JRE has been updated proactively to address this CVE-2025-53057, CVE-2025-53066 Vulnerability Details CVEID:CVE-2025-53057 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security...

Security Bulletin: IBM DataPower Gateway affected by vulnerabilities in Java runtime

Summary Java Runtime is bundled with IBM DataPower Gateway, and used by some bundled components. CVE-2025-50059, CVE-2025-30754 Vulnerability Details CVEID:CVE-2025-50059 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle...

GHSA-7MQH-PJFJ-W58H vulnerabilities

Vulnerabilities for packages: openjdk-21-openj9, openjdk-8-openj9, openjdk-17-openj9, openjdk-11-openj9...

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus

Summary Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus have been addressed. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows...

Security Bulletin: Multiple Security Vulnerabilities were found in IBM Java Runtime as shipped with IBM Security Verify Access and IBM Verify Identity Access

Summary Multiple Security Vulnerabilities found in IBM Java Runtime as shipped with IBM Security Verify Access and IBM Verify Identity Access have been addressed. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component...

Security Bulletin: Multiple CVEs - Vulnerabilities in IBM Java Runtime affect IBM Integration Designer

Summary Vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVEs. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component cou...

ABB MV Drives

SUMMARY Multiple vulnerabilities regarding the CODESYS Runtime System from CODESYS Group have been publicly reported. CODESYS Runtime System v.3.5.15.0 is utilized in the firmware of ABB MV ACS6080 and ACS5000 drives to provide IEC 61131 programming capabilities. These vulnerabilities could lead...

Security Bulletin: IBM Planning Analytics is affected by vulnerabilities in IBM® Java™ Version 8, IBM® Semeru Runtime and IBM® Websphere Application Server Liberty

Summary There are vulnerabilities in IBM® Java™ Version 8 , IBM® Semeru Runtime and IBM® WebSphere Application Server Liberty used by IBM Planning Analytics and IBM Planning Analytics Workspace. Please refer to the Related Information section below for vulnerability impact. Vulnerability Details...

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to issues in IBM Semeru Runtime version 17

Summary There are vulnerabilities in IBM Semeru Runtime version 17 used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE...

Security Bulletin: IBM Sterling External Authentication Server is vulnerable to multiple vulnerabilities due to IBM Java Runtime

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling External Authentication Server. IBM Sterling External Authentication Server has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerabl...

SUSE CVE-2008-3104

Multiple unspecified vulnerabilities in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.218, and SDK and JRE 1.3.x before 1.3.123 allow remote attackers to violate the security model for an applet's outbound...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearCase (CVE-2018-2633, CVE-2018-2603, CVE-2018-2579, CVE-2018-2602, CVE-2018-2794, & CVE-2018-2783)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 6, 7, and 8, which are used by IBM Rational ClearCase. These issues were disclosed as part of the IBM Java SDK updates in January 2018 and April 2018. Vulnerability Details CVEID: CVE-2018-2633 DESCRIPTION: An...

Security Update for ASP.NET Core January 2018

The remote Windows host has an installation of ASP.NET Core and .NET Core SDK with a version less than 2.1.4. Therefore, the host is affected by multiple vulnerabilities: - An elevation of privilege vulnerability due to improper sanitization of web requests CVE-2018-0784 - A cross-site request...

QQ轻聊版 - Customized SSL, Dangerous filesystem permissions, Runtime privilege escalation vulnerabilities

HackApp vulnerability scanner discovered that application QQ轻聊版 published at the 'play' market has multiple vulnerabilities...

Private SMS & Call - Hide Text - Base64 encoded String, Dangerous filesystem permissions, Runtime privilege escalation vulnerabilities

HackApp vulnerability scanner discovered that application Private SMS & Call - Hide Text published at the 'play' market has multiple vulnerabilities...

IKEA Catalog - MIT license, Redefined SSL Common Names verifier, Runtime privilege escalation vulnerabilities

HackApp vulnerability scanner discovered that application IKEA Catalog published at the 'play' market has multiple vulnerabilities...

Shift planner - Dangerous filesystem permissions, Runtime privilege escalation vulnerabilities

HackApp vulnerability scanner discovered that application Shift planner published at the 'play' market has multiple vulnerabilities...