ROS-20260216-73-0031

A vulnerability in the Networking component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access ...

Security Bulletin: Multiple Vulnerabilities in IBM Data Product Hub

Summary Multiple vulnerabilities were addressed in IBM Data Product Hub version 5.2.2 Vulnerability Details CVEID:CVE-2025-56200 DESCRIPTION: A URL validation bypass vulnerability exists in validator.js through version 13.15.15. The isURL function uses '://' as a delimiter to parse protocols, whi...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms January 2019 CPU (CVE-2018-1890, CVE-2019-2426)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.0 to 4.1.0.3. These issues were disclosed as part of the IBM Java SDK updates in January 2019. There are multiple vulnerabilities in IBM® SDK...

Security Bulletin: Jan 2020 : Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 used by CICS Transaction Gateway. CICS Transaction Gateway has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2593 DESCRIPTION: An unspecified vulnerability in Java SE...

OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Rational Synergy

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.0.10.40 and Version 8.0.5.35 used by Rational Synergy versions 7.2.1.0 to 7.2.1.7. Rational Synergy has addressed the applicable CVEs. Vulnerability Details Rational Synergy has addressed the following: If...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM CPLEX Optimization Studio. IBM CPLEX Optimization Studio has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this product...

Security Bulletin: Vulnerabilities in IBM Runtime Environments Java Technology Edition affect IBM Transformation Extender

Summary There are vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 and 8, IBM SDK, Java Technology Edition Version 8 and Eclipse Open J9 that affect IBM Transformation Extender. Vulnerability Details CVEID: CVE-2020-2593 DESCRIPTION: An unspecified vulnerability in...

Security Bulletin: IBM Planning Analytics has addressed multiple Security Vulnerabilities

Summary This Security Bulletin addresses security vulnerabilities that have been remediated in IBM Planning Analytics 2.0.9.1. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Planning Analytics. These issues were disclosed as part of the IBM Java SDK...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for SAP Applications

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by Content Collector for SAP Applications. These issues were disclosed as part of the IBM Java SDK updates in January 2020. Vulnerability Details CVEID: CVE-2020-2593 DESCRIPTION: An unspecified vulnerability in...

Security Bulletin: Vulnerability in IBM Java Runtime affect DB2 Recovery Expert for Linux, Unix and Windows(IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020)

Summary DB2 Recovery Expert for Linux, UNIX and Windows has addressed the following vulnerabilities:IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 - Includes Oracle Jan 2020 CPU minus CVE-2020-2585, CVE-2020-2654, and CVE-2020-2590. These issues were disclosed as part of the IBM Java S...

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affect IBM LKS Administration & Reporting Tool and Agent

Summary Mutiple security vulnerabilities have been found in IBM Java Runtime used by IBM LKS Administration & Reporting Tool ART and Agent. A mitigation has been included in the latest release. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

Security Bulletin: Multiple Vulnerabilities in IBM java Runtime Affect IBM Sterling External Authentication Server

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling External Authentication Server. These issues were disclosed as part of the IBM Java SDK updates in January 2019. Vulnerability Details CVEID: CVE-2018-12547 DESCRIPTION: Eclipse OpenJ9 is...

CVE-2020-2659

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Access Manager (CVE-2019-2426, CVE-2019-2449, CVE-2019-2422)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.7, 1.8 used by IBM Security Access Manager. IBM Security Access Manager has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-2426 DESCRIPTION: An unspecified vulnerability related to the...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum LSF Process Manager

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Version 8 used by IBM Spectrum LSF Process Manager. IBM Spectrum LSF Process Manager has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum LSF Suite and IBM Spectrum LSF Suite for HPA

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Version 8 used by IBM Spectrum LSF Suite and IBM Spectrum LSF Suite for HPA. IBM Spectrum LSF Suite and IBM Spectrum LSF Suite for HPA have addressed the applicable CVEs. Vulnerability Details If you run your own Java code...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum LSF Explorer

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Version 8 used by IBM Spectrum LSF Explorer. IBM Spectrum LSF Explorer has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this product, you shou...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM API Connect

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by IBM API Connect. IBM API Connect has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-11212 DESCRIPTION: libjpeg is vulnerable to a...