Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect Power Hardware Management Console (CVE-2014-6512, CVE-2014-3566, CVE-2014-6457, CVE-2014-6558)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 6 that is used by Power Hardware Management Console. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were disclosed as part of the...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect Power Hardware Management Console (CVE-2015-0410, CVE-2014-6593)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 6 Service Refresh 16 Fix Pack 2 that is used by Power Hardware Management Console. These issues were disclosed as part of the IBM Java SDK updates in January 2015. Vulnerability Details CVEID: CVE-2015-0410...

Security Bulletin: IBM Db2 Query Monitor fix for potential JSSE vulnerability. PSIRT 255377

Summary PROBLEM DESCRIPTION: Potential vulnerability in JSSEcomponent. Vulnerability Details CVEID: CVE-2020-14781 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to obtain sensitive information resulting in a low...

Oracle Java SE Security Updates - 03 - (cpujul2020) - Linux

Oracle Java SE is prone to multiple security vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-14579, CVE-2020-14578, CVE-2020-14577)

Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability concerns IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability. Vulnerability...

OpenJDK 7 <= 7u221 / 8 <= 8u212 / 11.0.0 <= 11.0.3 / 12.0.0 <= 12.0.1 Multiple Vulnerabilities (2019-07-16)

The version of OpenJDK installed on the remote host is prior to 7 = 7u221 / 8 = 8u212 / 11.0.0 = 11.0.3 / 12.0.0 = 12.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 2019-07-16 advisory. Please Note: Java CVEs do not always include OpenJDK versions, but are...

OpenJDK 7 <= 7u251 / 8 <= 8u242 / 11.0.0 <= 11.0.6 / 13.0.0 <= 13.0.2 / 14.0.0 <= 14.0.0 Multiple Vulnerabilities (2020-04-14)

The version of OpenJDK installed on the remote host is prior to 7 = 7u251 / 8 = 8u242 / 11.0.0 = 11.0.6 / 13.0.0 = 13.0.2 / 14.0.0 = 14.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020-04-14 advisory. Please Note: Java CVEs do not always include OpenJDK...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Platform Symphony and IBM Spectrum Symphony

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 Service Refresh 5 Fix Pack 15 and earlier releases used by IBM Platform Symphony and IBM Spectrum Symphony. IBM Platform Symphony and IBM Spectrum Symphony have addressed the applicable CVEs. Vulnerability...

SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2020:14398-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14398-1 advisory. - Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231,...

SUSE: Security Advisory (SUSE-SU-2015:1329-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM DataPower Gateway Java security update

Summary IBM has addressed the following JRE CVEs: CVE-2020-14621, CVE-2020-14579, CVE-2020-14578, CVE-2020-14577, CVE-2020-2757, CVE-2020-2756, CVE-2020-2755, CVE-2020-2754 Vulnerability Details CVEID: CVE-2020-14621 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP compone...

Privilege Escalation

openjdk11:edge is vulnerable to privilege escalation. Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromi...

Security Bulletin: Security vulnerability in IBM Jazz Team Server affects multiple IBM Rational products based on IBM Jazz technology (CVE-2014-2421, CVE-2013-6954, CVE-2013-6629, CVE-2014-0411, CVE-2014-0416)

Summary Security vulnerabilities have been identified in the IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational Requirements Composer RRC, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manage...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) & Rational Directory Administrator

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 and Version 8 used by Rational Directory Server Tivoli and Rational Directory Administrator. These issues were disclosed as part of the IBM Java SDK updates in November 2020. Upgrade the JRE in order to resolve...

SUSE: Security Advisory (SUSE-SU-2018:2839-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in OpenJDK version 8 affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in OpenJDK version 8 that is used by IBM InfoSphere Information Server. Some of these vulnerabilities only affect versions 11.7.1.0 and earlier; others also affect versions 11.7.1.1 and 11.7.1.2. Vulnerability Details CVEID: CVE-2019-2987 DESCRIPTION: An...

Security Bulletin: IBM SDK Java Quarterly CPU Jul 2020 Vulnerabilities Affect IBM Transformation Extender

Summary There are vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability that affect IBM Transformation Extender. Vulnerability Details CVEID: CVE-2020-14579 DESCRIPTION: An unspecified vulnerability in Java SE...

CentOS 8 : java-11-openjdk (CESA-2020:0128)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:0128 advisory. - OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport Serialization, 8224909 CVE-2020-2583 - OpenJDK: Improper checks ...

CentOS 8 : java-1.8.0-openjdk (CESA-2020:2972)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:2972 advisory. - OpenJDK: Incorrect handling of access control context in ForkJoinPool Libraries, 8237117 CVE-2020-14556 - OpenJDK: HostnameChecker does not ensure...

CentOS 8 : java-11-openjdk (CESA-2020:2970)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:2970 advisory. - OpenJDK: Incorrect handling of access control context in ForkJoinPool Libraries, 8237117 CVE-2020-14556 - OpenJDK: Excessive memory usage in ImageIO...