CVE-2020-10917

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper validation of...

Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2024 - Includes OpenJDK July 2024 CPU plus two additional CVEs

Summary Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2024 - Includes OpenJDK July 2024 CPU with CVEs CVE-2024-21217, CVE-2024-21208, CVE-2024-10917, CVE-2024-9143 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: IBM Planning Analytics is affected by vulnerabilities in IBM® Java™ Version 8 and IBM® Semeru Runtime

Summary There are vulnerabilities in IBM® Java™ Version 8 and IBM® Semeru Runtime used by IBM Planning Analytics and IBM Planning Analytics Workspace. Please refer to the Related Information section below for vulnerability impact. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION:...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by AIX. AIX has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit vulnerability allows...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2®. (January 2025 CPU)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.1.5.24 and earlier, 8.0.8.35 and earlier, and IBM Semeru Version 21.0.5.0 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in January 2025. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Java SDK and Runtime Environment updates in the Oracle October 2024 Critical Pat...

openSUSE Security Advisory (SUSE-SU-2025:0674-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:0674-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Sterling Connect:Direct for Unix is vulnerable to denial of service and arbitrary code execution attacks due to IBM Runtime Environment Java Technology Edition Version 17

Summary IBM Java 17 is used by IBM Sterling Connect:Direct for Unix in product configuration and management. IBM Sterling Connect:Direct for Unix is impacted by denial of service and arbitrary code execution attacks due to IBM Java 17. IBM Sterling Connect:Direct for Unix has upgraded IBM Java 17...

Security Bulletin: Vulnerabilities in IBM Java SDK (CVE-2024-21217, CVE-2024-21208, CVE-2024-10917) affect Power HMC.

Summary The IBM Java SDK library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit vulnerability allows unauthenticated attacker...

Security Bulletin: The IBM® Engineering Lifecycle Engineering products using IBM SDK, Java Technology Edition Quarterly CPU - Oct 2024 - Includes Oracle October 2024 CPU plus CVE-2024-10917 are affected by multiple vulnerabilities

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their October 2024 Critical Patch Update, plus CVE-2024-10917. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addresse...

Security Bulletin: Multiple vulnerabilities in IBM® Semeru Runtime affect IBM Tivoli Netcool Impact

Summary There are multiple vulnerabilities in IBM® Semuru Runtime used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit...

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to issues in IBM Semeru Runtime version 17

Summary There are vulnerabilities in IBM Semeru Runtime version 17 used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE...

Security Bulletin: Multiple vulnerabilities affect IBM® Semeru Runtime

Summary This bulletin for IBM Semeru Runtime covers all applicable Java SE CVEs published by OpenJDK as part of their October 2024 Vulnerability Advisory, plus CVE-2024-10917 and CVE-2024-9143. For more information please refer to OpenJDK's October 2024 Vulnerability Advisory and the X-Force...

Security Bulletin: IBM SDK Java Technology Edition is vulnerable to CVEs (set out in the link below), affecting WebSphere Service Registry and Repository due to October 2024 CPU

Summary IBM SDK Java Technology Edition is vulnerable to CVE-2024-10917, used by WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in December 2024. These issues are also addressed by WebSphere Application Server shipped with WebSphere...

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their October 2024 Critical Patch Update, plus CVE-2024-10917. For more information please refer to Oracle's October 2024 CPU Advisory and the X-Force database entries...

CVE-2024-10917

creationtimestamp| type| source ---|---|--- 2024-11-11 16:59:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113465384049344526 2024-11-11 18:36:56+00:00| seen| https://t.me/cvedetector/10513...

CVE-2024-10917 Eclipse OpenJ9 might return an incorrect value in JNI function GetStringUTFLength

In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters...

SUSE CVE-2017-10917

Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service NULL pointer dereference and host OS crash or possibly obtain sensitive information, aka XSA-221...

SUSE: Security Advisory (SUSE-SU-2017:1812-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...