Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-34282 |
|
Vulnerability in java (CVE-2026-34282)
vulnerability in java (CVE-2026-34282). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
|
| CVE-2026-21947 |
|
Cross-Site Scripting (XSS) in java (CVE-2026-21947)
cross-site scripting in java (CVE-2026-21947). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
|
| CVE-2026-21945 |
|
Vulnerability in java (CVE-2026-21945)
vulnerability in java (CVE-2026-21945). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
|
| CVE-2026-21932 |
|
Vulnerability in java (CVE-2026-21932)
vulnerability in java (CVE-2026-21932). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
|
| CVE-2026-20652 |
|
Vulnerability in java (CVE-2026-20652)
vulnerability in java (CVE-2026-20652). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2026-20644 |
|
Buffer Overflow in java (CVE-2026-20644)
vulnerability in java (CVE-2026-20644). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2026-20636 |
|
Buffer Overflow in java (CVE-2026-20636)
vulnerability in java (CVE-2026-20636). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2026-20635 |
|
Buffer Overflow in java (CVE-2026-20635)
vulnerability in java (CVE-2026-20635). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2026-20608 |
|
Vulnerability in java (CVE-2026-20608)
vulnerability in java (CVE-2026-20608). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2025-7425 |
|
Use-After-Free in java (CVE-2025-7425)
vulnerability in java (CVE-2025-7425). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
|
| CVE-2025-7424 |
|
Vulnerability in java (CVE-2025-7424)
vulnerability in java (CVE-2025-7424). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
|
| CVE-2025-61748 |
|
Vulnerability in java (CVE-2025-61748)
vulnerability in java (CVE-2025-61748). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `21.0.9, 25.0.1` or later.
|
| CVE-2025-6052 |
|
Vulnerability in java (CVE-2025-6052)
vulnerability in java (CVE-2025-6052). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
|
| CVE-2025-53066 |
|
Information Disclosure in java (CVE-2025-53066)
vulnerability in java (CVE-2025-53066). Confidential information can be exposed externally. Mitigation: upgrade to `1.8.0, 8.0.471, 11.0.29, 17.0.17, 21.0.9, 25.0.1` or later.
|
| CVE-2025-53057 |
|
Vulnerability in java (CVE-2025-53057)
vulnerability in java (CVE-2025-53057). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.0, 8.0.471, 11.0.29, 17.0.17, 21.0.9, 25.0.1` or later.
|
| CVE-2025-47219 |
|
Out-of-Bounds Read in java (CVE-2025-47219)
vulnerability in java (CVE-2025-47219). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
|
| CVE-2025-43457 |
|
Use-After-Free in java (CVE-2025-43457)
vulnerability in java (CVE-2025-43457). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2025-0509 |
|
Vulnerability in java (CVE-2025-0509)
vulnerability in java (CVE-2025-0509). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.8.0, 8.0.441` or later.
|
| CVE-2024-47778 |
|
Out-of-Bounds Read in java (CVE-2024-47778)
vulnerability in java (CVE-2024-47778). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47777 |
|
Out-of-Bounds Read in java (CVE-2024-47777)
vulnerability in java (CVE-2024-47777). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47776 |
|
Out-of-Bounds Read in java (CVE-2024-47776)
vulnerability in java (CVE-2024-47776). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47775 |
|
Out-of-Bounds Read in java (CVE-2024-47775)
vulnerability in java (CVE-2024-47775). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47606 |
|
Vulnerability in java (CVE-2024-47606)
vulnerability in java (CVE-2024-47606). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47597 |
|
Out-of-Bounds Read in java (CVE-2024-47597)
vulnerability in java (CVE-2024-47597). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47596 |
|
Out-of-Bounds Read in java (CVE-2024-47596)
vulnerability in java (CVE-2024-47596). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47546 |
|
Vulnerability in java (CVE-2024-47546)
vulnerability in java (CVE-2024-47546). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47544 |
|
Vulnerability in java (CVE-2024-47544)
vulnerability in java (CVE-2024-47544). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2023-21968 |
|
Vulnerability in java (CVE-2023-21968)
vulnerability in java (CVE-2023-21968). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.371, 11.0.19, 17.0.7, 20.0.1` or later.
|
| CVE-2022-39399 |
|
Vulnerability in java (CVE-2022-39399)
vulnerability in java (CVE-2022-39399). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.17, 17.0.5, 19.0.1` or later.
|
| CVE-2022-21619 |
|
Vulnerability in java (CVE-2022-21619)
vulnerability in java (CVE-2022-21619). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.351, 11.0.17, 17.0.5, 19.0.1` or later.
|
| CVE-2022-21618 |
|
Authentication Bypass in java (CVE-2022-21618)
authentication bypass in java (CVE-2022-21618). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.0.5, 19.0.1` or later.
|
| CVE-2022-21549 |
|
Unsafe Deserialization in java (CVE-2022-21549)
vulnerability in java (CVE-2022-21549). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.0.4` or later.
|
| CVE-2022-21540 |
|
Use-After-Free in java (CVE-2022-21540)
vulnerability in java (CVE-2022-21540). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.351, 8.0.341, 11.0.16, 17.0.4, 18.0.2` or later.
|
| CVE-2022-21476 |
|
Vulnerability in java (CVE-2022-21476)
vulnerability in java (CVE-2022-21476). Confidential information can be exposed externally. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.341, 8.0.331, 11.0.15, 17.0.3, 18.0.1` or later.
|
| CVE-2022-21366 |
|
Vulnerability in java (CVE-2022-21366)
vulnerability in java (CVE-2022-21366). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.14, 17.0.2` or later.
|
| CVE-2022-21360 |
|
Vulnerability in java (CVE-2022-21360)
vulnerability in java (CVE-2022-21360). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21341 |
|
Unsafe Deserialization in java (CVE-2022-21341)
vulnerability in java (CVE-2022-21341). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21340 |
|
Vulnerability in java (CVE-2022-21340)
vulnerability in java (CVE-2022-21340). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21305 |
|
Vulnerability in java (CVE-2022-21305)
vulnerability in java (CVE-2022-21305). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21299 |
|
Vulnerability in java (CVE-2022-21299)
vulnerability in java (CVE-2022-21299). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21296 |
|
Information Disclosure in java (CVE-2022-21296)
vulnerability in java (CVE-2022-21296). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21294 |
|
Vulnerability in java (CVE-2022-21294)
vulnerability in java (CVE-2022-21294). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21293 |
|
Vulnerability in java (CVE-2022-21293)
vulnerability in java (CVE-2022-21293). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21291 |
|
Vulnerability in java (CVE-2022-21291)
vulnerability in java (CVE-2022-21291). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21283 |
|
Vulnerability in java (CVE-2022-21283)
vulnerability in java (CVE-2022-21283). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.14, 17.0.2` or later.
|
| CVE-2022-21282 |
|
XXE (XML External Entity) in java (CVE-2022-21282)
vulnerability in java (CVE-2022-21282). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21277 |
|
Vulnerability in java (CVE-2022-21277)
vulnerability in java (CVE-2022-21277). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.14, 17.0.2` or later.
|
| CVE-2021-35556 |
|
Vulnerability in java (CVE-2021-35556)
vulnerability in java (CVE-2021-35556). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.321, 8.0.311, 11.0.13, 17.0.1` or later.
|
| CVE-2023-42917 KEV |
|
[KEV] Out-of-Bounds Write in Apple java (CVE-2023-42917)
out-of-bounds write in Apple java (CVE-2023-42917). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
|
| CVE-2023-41993 KEV |
|
[KEV] Vulnerability in Apple java (CVE-2023-41993)
vulnerability in Apple java (CVE-2023-41993). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
|