Security Bulletin: TADDM affected by multiple vulnerabilities due to IBM Java and its runtime

Summary IBM Tivoli Application Dependency Discovery Manager is vulnerable to denial of service due to use of IBM Java and runtimes CVE-2023-21930, CVE-2023-21967,CVE-2023-21954, CVE-2023-21939,CVE-2023-21968,CVE-2023-21937, CVE-2023-21938,CVE-2023-2597 Vulnerability Details CVEID:CVE-2023-21930...

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary Multple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and iFix Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the HttpServletRequest.getParameter or...

Important: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access vi...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.3.7)

The version of AOS installed on the remote host is prior to 6.5.3.7. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.3.7 advisory. - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying...

Oracle Linux 8 : java-1.8.0-openjdk (ELSA-2019-3134)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3134 advisory. 1:1.8.0.232.b09-0 - Update to aarch64-shenandoah-jdk8u232-b09. - Switch to GA mode for final release. - Remove PR1834/RH1022017 which is now handled by...

Oracle Linux 8 : java-11-openjdk (ELSA-2019-3135)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3135 advisory. 1:11.0.5.10-0.0.1 - link atomic for ix86 build Livy Ge 1:11.0.5.10-0 - Update to shenandoah-jdk-11.0.5+10 GA - Switch to GA mode for final release. -...

The vulnerability of the Networking component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Networking component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to the ability to bypass authentication through phising techniques. Exploiting this vulnerability can allow an attacker, operating remotely, t...

The vulnerability of the JNDI component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to access, modify, add, or delete data.

The vulnerability of the JNDI component of Oracle Java SE and the Oracle GraalVM Enterprise Edition virtual machine is related to the use of insufficiently random values. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager (Multiple CVEs)

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: A...

Security Bulletin: Vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester

Summary There are vulnerabilities in IBM SDK Java Technology Edition, Version 1.8 and IBM Runtime Environment Java Version 1.8 used by Rational Service Tester. Rational Service Tester has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified...

Security Bulletin: Vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Performance Tester

Summary There are vulnerabilities in IBM SDK Java Technology Edition, Version 1.8 and IBM Runtime Environment Java Version 1.8 used by Rational Performance Tester. Rational Performance Tester has addressed the applicable vulnerabilities. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An...

The vulnerability of the JAXP component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to disclose protected information.

The vulnerability of the JAXP component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to errors in cross-border deletion of critical data. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

The vulnerability of the ImageIO component in the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a hacker to trigger a service failure.

The vulnerability of the ImageIO component in Oracle Java SE and the Oracle GraalVM Enterprise Edition software platform is related to unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the JGSS component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the JGSS component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to copying buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain...

The vulnerability of the Serialization component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to trigger a service failure.

The vulnerability of the Serialization component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow an attacker to cause service interruptions remotel...

The vulnerability of the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to trigger a service failure.

The vulnerability of the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Security Bulletin: Multiple vulnerabilities found in IBM Java which is shipped with IBM® Intelligent Operations Center(CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597)

Summary Multiple vulnerabilities have been identified in IBM Java which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

The vulnerability of the JSE component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a hacker to induce a service failure.

The vulnerability of the JSE component of Oracle Java SE software and the Oracle GraalVM Enterprise Edition virtual machine is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

The vulnerability of the ImageIO component in the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a hacker to trigger a service failure.

The vulnerability of the ImageIO component in Oracle Java SE and the Oracle GraalVM Enterprise Edition software platform is related to unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Security Bulletin: IBM Java Runtime (JRE) security vulnerabilities CVE-2022-21426 in FileNet Content Manager

Summary IBM Java Runtime JRE security vulnerabilities CVE-2022-21426 in FileNet Content Manager, affected, not vulnerable Vulnerability Details CVEID:CVE-2022-21426 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause ...