CVE-2025-8325

The software fails to enforce role-based access controls for certain Gateway API invocations. Users with the 'Internal/Everyone' role can invoke these APIs, bypassing intended permission checks. This same vulnerability also affects Internal Service APIs, potentially exposing them in WSO2 APIM 3.x...

CVE-2025-8325 Improper Access Control via Gateway API in Multiple WSO2 Products Allows Unauthorized Operations

The software fails to enforce role-based access controls for certain Gateway API invocations. Users with the 'Internal/Everyone' role can invoke these APIs, bypassing intended permission checks. This same vulnerability also affects Internal Service APIs, potentially exposing them in WSO2 APIM 3.x...

PT-2026-38784

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploi...

BIT-JAVA-2024-21235

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracl...

BIT-JAVA-MIN-2023-22025

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition:...

PT-2026-37827

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle...

PT-2026-38033

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Orac...

PT-2026-37994

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM...

ZTE Red Magic 11 Pro 安全漏洞

The ZTE Red Magic 11 Pro is a smartphone designed for high-performance gaming experiences by ZTE Corporation. The ZTE Red Magic 11 Pro NX809J has a security vulnerability that stems from a lack of verification for applications accessing service interfaces. This vulnerability may allow...

CVE-2025-43806

CVE-2025-43806 affects Liferay Portal 7.4.0–7.4.3.112 and Liferay DXP 2023.Q3.1–2023.Q3.10, 2023.Q4.0–2023.Q4.7, and 7.4 GA through update 92.** The Batch Engine’s import/export tasks do not properly enforce permissions, enabling remote authenticated users to access exported data via the REST API...

Linux Distros Unpatched Vulnerability : CVE-2025-21587

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions tha...

DEBIAN-CVE-2025-30761

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Scripting. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf and 11.0.27; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows...

PT-2024-25084 · Pal · Pal

Name of the Vulnerable Software and Affected Versions: PAL affected versions not specified Description: The issue occurs when the PAL client calls PAL service APIs by passing a random value as a handle, and the handle is not validated by the service, resulting in memory corruption. Recommendation...

OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...

OpenJDK: arbitrary Java code execution in Nashorn (8314284)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or...

PT-2022-6851

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7u321, 8u311, 11.0.13, 17.0.1 Oracle GraalVM Enterprise Edition versions 20.3.4, 21.3.0 Description The issue allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE an...

DEBIAN-CVE-2020-2655

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this...