Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
šŸ”„ Daily Hot!
šŸ’ŖšŸ½ CPE Enhanced Advisories
šŸ•¶ Shadow Exploits
šŸ•µšŸ¼ Vulners CPE
šŸ” Security news
šŸ’» Exploit updates
šŸ“‘ Blogs review
šŸ§ Linux vulnerabilities
šŸž Bugbounty
šŸ¤– AI High Score
šŸ“° CVE Feed
show all

6 matches found

Tenable Nessus
Tenable Nessusā€¢added 2024/10/09 12:0 a.m.ā€¢25 views

CentOS 6 : java-1.7.1-ibm (RHSA-2020:3387)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3387 advisory. - In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or...

8.3CVSS6.6AI score0.04315EPSS
Exploits0References10
OSV
OSVā€¢added 2023/06/13 6:2 a.m.ā€¢8 views

SUSE-SU-2023:2491-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - CVE-2023-21930: Fixed possible compromise from unauthenticated attacker with network access via TLS bsc1210628. - CVE-2023-21937: Fixed vulnerability inside the networking component bsc1210631. - CVE-2023-21938: Fixed vulnerability inside...

9.1CVSS6.2AI score0.02474EPSS
Exploits1References20
Amazon
Amazonā€¢added 2023/05/03 12:0 a.m.ā€¢9 views

Important: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficul...

7.4CVSS6.4AI score0.02474EPSS
Exploits1
Schneier on Security
Schneier on Securityā€¢added 2019/10/10 6:49 p.m.ā€¢66 views

New Reductor Nation-State Malware Compromises TLS

Kaspersky has a detailed blog post about a new piece of sophisticated malware that it's calling Reductor. The malware is able to compromise TLS traffic by infecting the computer with hacked TLS engine substituted on the fly, "marking" infected TLS handshakes by compromising the underlining...

1AI score
Exploits0
Securelist
Securelistā€¢added 2019/10/03 10:0 a.m.ā€¢58 views

COMpfun successor Reductor infects files on the fly to compromise TLS traffic

In April 2019, we discovered new malware that compromises encrypted web communications in an impressive way. Analysis of the malware allowed us to confirm that the operators have some control over the target's network channel and could replace legitimate installers with infected ones on the fly...

6.8AI score
Exploits0
Debian CVE
Debian CVEā€¢added 2019/07/23 10:31 p.m.ā€¢21 views

CVE-2019-2821

Vulnerability in the Java SE component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE. Successful attacks require human...

5.3CVSS5AI score0.02016EPSS
Exploits0
Rows per page
Query Builder