Oracle Siebel CRM (April 2016 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2016 CPU advisory. - Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: UIF Open UI. Supported versions that are affected are 8.1.1...

SUSE CVE-2016-3443

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue...

Oracle Business Intelligence Publisher Multiple Vulnerabilities (April 2016 CPU)

The version of Oracle Business Intelligence Publisher running on the remote host is 11.1.1.7.x prior to 11.1.1.7.160119, 11.1.1.9.x prior to 11.1.1.9.160119, or 12.2.1.0.x prior to 12.2.1.0.160419. It is, therefore, affected by multiple vulnerabilities as noted in the April 2016 Critical Patch...

Oracle Java SE 6 < Update 115 / 7 < Update 101 / 8 < Update 91 Multiple Vulnerabilities (April 2016 CPU)

Binary data 700653.prm...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Integrated Information Core - Oracle CPU April 2016

Summary Oracle released the April 2016 critical patch updates which contain multiple fixes for security vulnerabilities in the IBM Java Development Kit that is included with the IBM WebSphere Application Server. Vulnerability Details New IBM WebSphere Application Server updates are available that...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server April 2016 CPU (CVE-2016-3426, CVE-2016-3427) shipped with Tivoli Netcool Performance Manager

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the Oracle April 2016 Critical Patch Update, plus four additional vulnerabilities. These may affect some configurations of IBM...

Security Bulletin: A security vulnerability has been identified in Oracle MySQL shipped with IBM Tivoli Network Manager IP Edition (Oracle Critical Patch Update Advisory - April 2016

Summary Oracle MySQL is shipped as a component of IBM Tivoli Network Manager IP Edition. Information regarding security vulnerabilities affecting Oracle MySQL has been published. Vulnerability Details Tivoli Network Manager IP Edition ships with Oracle MySQL. Oracle has released a Critical Patch...

Security Bulletin: Vulnerability in Oracle Outside In Technology (OIT) affects FileNet Content Manager and IBM Content Foundation (CVE-2016-3455)

Summary Security vulnerabilitiy exists in in Oracle Outside In Technology OIT which affects the IBM FileNet Content Manager and IBM Content Foundation products. Vulnerability Details CVE-ID: CVE-2016-3455 Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio and IBM ILOG CPLEX Enterprise Server

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6 and Version 7 that are used by IBM ILOG CPLEX Optimization Studio and IBM ILOG CPLEX Enterprise Server. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVE...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect Liberty for Java for IBM Bluemix April 2016 CPU (CVE-2016-3426, CVE-2016-3427)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the Oracle April 2016 Critical Patch Update, plus four additional vulnerabilities. These may affect some configurations of Liberty...

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition (Java CPU April 2016)

Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, and WebSphere Lombardi Edition. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability...

Security Bulletin: Multiple vulnerabilities in current releases of IBM® WebSphere Real Time

Summary Java SE issues disclosed in the Oracle April 2016 Critical Patch Update, plus three additional vulnerabilities. Vulnerability Details CVE IDs: CVE-2016-3443 CVE-2016-0687 CVE-2016-0686 CVE-2016-3427 CVE-2016-3449 CVE-2016-3422 CVE-2016-3426 CVE-2016-0363 CVE-2016-0376 CVE-2016-0264...

Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle April 2016 Critical Patch Update, plus CVE-2016-0636 and three additional vulnerabilities. Vulnerability Details CVE IDs: CVE-2016-3443 CVE-2016-0687 CVE-2016-0686 CVE-2016-3427 CVE-2016-0636 CVE-2016-3449 CVE-2016-3422 CVE-2016-3426 CVE-2016-0363...

JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue...

mysql: unspecified vulnerability in subcomponent: Server: FTS (CPU April 2016)

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS...

mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU April 2016)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer...

AIX Java Advisory : java_april2016_advisory.asc (April 2016 CPU)

The version of Java SDK installed on the remote AIX host is affected by multiple vulnerabilities in the following components : - 2D - Deployment - Hotspot - JCE - JMX - JVM - ORB - SDK - Serialization %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

mysql: unspecified vulnerability in subcomponent: Server: Replication (CPU April 2016)

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to Replication...

Oracle MySQL 5.5.x < 5.5.49 Multiple Vulnerabilities (April 2016 CPU) (July 2016 CPU)

The version of Oracle MySQL installed on the remote host is 5.5.x prior to 5.5.49. It is, therefore, affected by the following vulnerabilities : - An unspecified flaw exists in the Federated subcomponent that allows a local attacker to impact integrity and availability. CVE-2016-0642 - An...

Oracle MySQL 5.7.x < 5.7.12 Multiple Vulnerabilities (RPM Check) (April 2016 CPU) (July 2016 CPU) (October 2017 CPU) (DROWN)

The version of Oracle MySQL installed on the remote host is 5.7.x prior to 5.7.12. It is, therefore, affected by the following vulnerabilities : - A cipher algorithm downgrade vulnerability exists in the bundled version of OpenSSL due to a flaw that is triggered when handling cipher negotiation. ...