Oracle Siebel Server < 17.3 (January 2018 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the January 2018 CPU advisory. - Vulnerability in the Siebel Engineering - Installer and Deployment component of Oracle Siebel CRM subcomponent: Siebel Approval Manager. Supported...

Oracle Siebel Server < 16.18 / 17.0 < 17.3 (January 2018 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the January 2018 CPU advisory. - Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM subcomponent: Outlook Client. Supported versions that are affected are 17.3 and...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2017-10356, CVE-2018-2579, CVE-2018-2588, CVE-2018-2602, CVE-2018-2603, CVE-2018-2633, CVE-2018-2618)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control formerly Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates for October 2017 and January 2018. U UPDATED 5/17/2018 to a...

Security Bulletin: Security Vulnerabilities in IBM® Java SDK affects multiple IBM Rational products based on IBM Jazz technology January 2018 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 1.7 and 1.8 that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational...

January 2, 2018, update for Office 2016 (KB3178662)

January 2, 2018, update for Office 2016 KB3178662 This article describes update 3178662 for Microsoft Office 2016 that was released on January 2, 2018. This update has a prerequisite. Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition o...

Code injection

An issue was discovered on Samsung mobile devices with N7.x software. An attacker can cause a reboot because InputMethodManagerService has an unprotected system service. The Samsung ID is SVE-2017-9995 January 2018...

CVE-2018-21091

An issue was discovered on Samsung mobile devices with M6.x and N7.x software. Telecom has a System Crash via abnormal exception handling. The Samsung ID is SVE-2017-10906 January 2018...

Security Bulletin: Multiple Security Vulnerabilities exist in IBM Cognos TM1

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Cognos TM1. These issues were disclosed as part of the IBM Java SDK updates in January 2018 and April 2018. Multiple Open Source OpenSSL vulnerabilities have also been addressed. Vulnerability Detai...

Arista Networks CloudVision Portal Privilege Vulnerability

Arista Networks CloudVision Portal is a suite of web-based user management portals for the CloudVision platform from Arista Networks, USA. The product includes features such as network device configuration, compliance management, change management, and network monitoring and management. A...

Oracle Java SE 6 < Update 181 / 7 < Update 171 / 8 < Update 161 / 9 < Update 4 Multiple Vulnerabilities (January 2018 CPU)

Binary data 700656.prm...

MySQL 5.7.x < 5.7.21 Multiple Vulnerabilities (January 2018 CPU)

Binary data 700625.prm...

MySQL 5.6.x < 5.6.39 Multiple Vulnerabilities (January 2018 CPU)

Binary data 700620.prm...

CVE-2018-20753

Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild...

Code injection

Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild...

CVE-2018-20753

Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild...

Oracle Business Intelligence Publisher Multiple Vulnerabilities (January 2018 CPU)

The version of Oracle Business Intelligence Publisher running on the remote host is 11.1.1.9.x prior to 11.1.1.9.180116 or 12.2.1.2.x prior to 12.2.1.2.180116 or 12.2.1.3.x prior to 12.2.1.3.180116. It is, therefore, affected by multiple vulnerabilities as noted in the January 2018 Critical Patch...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Asset Analyzer (RAA).

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8.0.5.7 used by Rational Asset Analyzer RAA. These issues were disclosed as part of the IBM Java SDK updates in January 2018. Vulnerability Details CVEID: CVE-2018-2579 DESCRIPTION: An unspecified vulnerability i...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, 7.1, and 8 that are used by AIX. These issues were disclosed as part of the IBM Java SDK updates in January 2018. Vulnerability Details CVEID: CVE-2018-2639 DESCRIPTION: An unspecified vulnerability relat...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects IBM Security Key Lifecycle Manager January 2018 CPU

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. IBM WebSphere Application Server is shipped with IBM Security Key Lifecycle Manager. These issues were disclosed as part of the IBM Java SDK updates in Janua...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Command Center (CVE-2018-2579, CVE-2018-2602, CVE-2018-2603, CVE-2018-2633, CVE-2018-1417, CVE-2018-2783, CVE-2018-2794)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by IBM Cognos Command Center. These issues were disclosed as part of the IBM Java SDK updates for January and April 2018. Vulnerability Details CVEID: CVE-2018-2579 DESCRIPTION:...