Oracle Java SE Security Update (jan2023) 01 - Linux

Oracle Java SE is prone to a denial of service vulnerability. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

Security Bulletin: IBM Security Verify Governance is vulnerable to unauthenticated access resulting in various threats (CVE-2021-35550, CVE-2021-2163, CVE-2021-35603)

Summary IBM Security Verify Governance is vulnerable to sensitive information access, high integrity impact and no availability impact by an unauthenticated attacker due to a vulnerability in Java SE related to the JSSE and Libraries componentsCVE-2021-35550, CVE-2021-2163, CVE-2021-35603. The fi...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) & Rational Directory Administrator

Summary There are multiple vulnerabilities CVE-2021-2163, CVE-2021-35550, CVE-2021-41041, CVE-2021-35603, CVE-2022-21299, CVE-2022-21541, CVE-2022-21540, CVE-2021-35561, CVE-2022-21496, CVE-2022-21434, CVE-2022-21443, CVE-2022-21365, CVE-2022-21360, CVE-2022-21341, CVE-2022-21340, CVE-2022-21294,...

Security Bulletin: The Java version bundled with IBM Cognos Express is susceptible to unspecified vulnerabilities in the Java Runtime Environment (JRE) (CVE-2012-0498 and CVE-2012-5081)

Summary The version of Java included with IBM Cognos Express has a reported vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D CVE-2012-0498 and allows remote attackers to affect availability CVE-2012-5081...

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has fixed these vulnerabilities. Vulnerability Details CVEID:CVE-2021-35550 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect Liberty for Java for IBM Cloud October 2021 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with Liberty for Java for IBM Cloud. These might affect some configurations of Liberty for Java for IBM Cloud. These products have addressed the applicable CVEs. If you run your own Java code usin...

Security Bulletin: IBM Tivoli Directory Integrator can be affected by vulnerabilities in the IBM Java Runtime Environment (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract CVE-2013-0440 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect availability via vectors related to JSSE. CVE- 2013-0443 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect confidentiality and integrity...

Security Bulletin: IBM InfoSphere Master Data Management – Java CPU Feb 2013 (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract Multiple security vulnerabilities exist in the IBM Java SDK shipped with IBM WebSphere Application Server that affects IBM InfoSphere Master Data Management versions 8.5, 9.0.1, 9.0.2, 10.0.0, 10.1.0,and 11.0.0 Content VULNERABILITY DETAILS: CVE-2013-0440 - Unspecified vulnerability in...

Security Bulletin: Multiple vulnerabilities in IBM Data Studio Web Console due to vulnerabilities in IBM Java Runtime Environment.

Abstract IBM Data Studio Web Console uses the IBM Java Runtime Environment JRE and might be affected by vulnerabilities in the IBM JRE. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0440 DESCRIPTION: An unspecified vulnerability within the JSSE component could allow a remote attacker to cause a...

Security Bulletin: Potential security vulnerabilities in WebSphere Partner Gateway Advanced/Enterprise for the Oracle CPU February 2013.

Abstract The IBM WebSphere Partner Gateway is shipped with an IBM Java SDK that is based on the Oracle SDK. The February 2013 Oracle Critical Patch Updates CPU contained various security vulnerability fixes for the Oracle JDKs. The IBM Java SDK that WebSphere Partner Gateway ship is similarly...

Security Bulletin: Multiple vulnerabilities in current IBM SDK for Java for WebSphere Application Server October 2013 CPU

Abstract Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server Content The IBM WebSphere Application Server is shipped with an IBM SDK for Java that is based on the Oracle JDK. Oracle has released October 2013 critical patch updates...

Security Bulletin: Multiple vulnerabilities exist in the SOAP Gateway component of IMS Enterprise Suite (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169, CVE-2013-3003)

Abstract The SOAP Gateway component of IMS™ Enterprise Suite versions 1.1, 2.1, and 2.2 is affected by multiple vulnerabilities in IBM® Java™ and could allow remote, arbitrary command execution. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0440 DESCRIPTION: An unspecified vulnerability could...

GLSA-202209-15 : Oracle JDK/JRE: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202209-15 Oracle JDK/JRE: Multiple vulnerabilities - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java S...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Asset and Service Management

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 5, 6, and 7 that are used by Maximo Asset Management, Maximo Asset Management Essentials, Maximo Asset Management for Energy Optimization, Maximo Industry Solutions including Maximo for Government, Maximo fo...

Security Bulletin: Multiple vulnerabilities in the IBM SDK for Java™ Technology Edition January 2015 CPU affect WebSphere Process Server

Summary There are multiple vulnerabilities in IBM SDK for Java™ Technology Edition that is used by WebSphere Process Server. These issues were disclosed as part of the IBM SDK for JavaTechnology Edition updates in January 2015. Vulnerability Details CVEID: CVE-2014-3566 DESCRIPTION: Multiple...

Security Bulletin: Information regarding security vulnerability in IBM SDK for Java that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU October 2013

Summary Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server and included in the products that are listed in this document. Vulnerability Details The products that are listed in the Affected product section are shipped with a versio...

Security Bulletin: IBM Security Identity Governance and Intelligence is vulnerable to exposure of sensitive information (CVE-2021-35603)

Summary IBM Security Identity Governance and Intelligence is vulnerable to exposure of sensitive information to an unauthenticated attacker due to a vulnerability in Java SE related to the JSSE component CVE-2021-35603. The fix includes upgrading Java SE to the patched version. Vulnerability...

Security Bulletin: Multiple vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Digital Business Automation Workflow family products Java CPU October 2021

Summary WebSphere Application Server traditional is shipped as a component of IBM Business Automation Workflow, IBM Business Process Manager, and WebSphere Enterprise Service Bus. WebSphere Application Server Liberty profile is shipped as a component of IBM Business Automation Workflow and IBM...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.17.1.5)

The version of AOS installed on the remote host is prior to 5.17.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.17.1.5 advisory. - An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocatetracebuff...

Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in Java SE related to the JSSE component

Summary Vulnerability found in Java SE related to the JSSE component used by Enterprise Content Management System Monitor. Enterprise Content Management System Monitor has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE...