14454 matches found
Security Bulletin: IBM Storage Protect Operations Center is vulnerable to denial of service due to Java SE (CVE-2022-21426)
Summary Java SE is used by IBM Storage Protect Operations Center and may be affected by this vulnerability. Vulnerability Details CVEID:CVE-2022-21426 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of...
K000135149: Oracle Java SE vulnerability CVE-2023-21938
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 a...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to information exposure in Java SE (CVE-2022-21476)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to information exposure in Java SE related to the Libraries component CVE-2022-21476. Java SE is included as part of our microservice components. This vulnerabilitiy has been addressed. Please read the details f...
Security Bulletin: Vulnerabilities in Oracle Java SE might affect IBM Spectrum Copy Data Management (CVE-2023-21968, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21937, CVE-2023-21930)
Summary IBM Spectrum Copy Data Management can be affected by vulnerabilities in Oracle Java SE. Vulnerabilities include allowing an unauthenticated and remote attacker to cause high confidentiality impact, high integrity impact, and high availability impact, as described by the CVEs in the...
Debian DSA-5430-1 : openjdk-17 - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5430 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are...
Security Bulletin: IBM Sterling Control Center is vulnerable to denial of service attack due to Java SE (CVE-2022-21426)
Summary IBM Sterling Control Center uses Java SE. Vulnerability Details CVEID:CVE-2022-21426 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown...
Security Bulletin: IBM Sterling Control Center is vulnerable to denial of service due to Java SE (CVE-2023-21830, CVE-2023-21843)
Summary IBM Sterling Control Center uses Java SE. Vulnerability Details CVEID:CVE-2023-21830 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization component could allow a remote attacker to cause a denial of service resulting in a low integrity impact using unknown...
SUSE SLES15: java-1_8_0-ibm / java-1_8_0-ibm-32bit / java-1_8_0-ibm-alsa / etc (SUSE-SU-2023:2491-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2491-1 advisory. - CVE-2023-21930: Fixed possible compromise from unauthenticated attacker with network access via TLS bsc1210628. -...
Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility
Summary There are multiple vulnerabilities in IBM® Semeru Runtime Certified Edition 11 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21967 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Editi...
SUSE SLES12: java-1_8_0-ibm / java-1_8_0-ibm-alsa / java-1_8_0-ibm-devel / etc (SUSE-SU-2023:2476-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2476-1 advisory. - CVE-2023-21930: Fixed possible compromise from unauthenticated attacker with network access via TLS bsc1210628. - CVE-2023-21937:...
EulerOS 2.0 SP8 : java-1.8.0-openjdk (EulerOS-SA-2023-2192)
According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported...
EulerOS 2.0 SP5 : java-1.8.0-openjdk (EulerOS-SA-2023-2150)
According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported...
Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2023-2192)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2023-2150)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Service Registry and Repository due to April 2023 CPU
Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, used by WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in April 2023. These issues are also addressed by WebSphere Application Server shipped with WebSphere...
Security Bulletin: IBM Operational Decision Manager May 2023 - Multiple CVEs
Summary This Security Bulletin addresses the security vulnerabilities that have been fixed within the IBM Operational Decision Manager. This product now includes fixes for the following security vulnerabilities. Vulnerability Details CVEID:CVE-2023-20862 DESCRIPTION: VMware Tanzu Spring Security...
Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2023 CPU
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVEs listed in this document might affect some configurations of IBM WebSphere Application Server traditiona...
Security Bulletin: IBM Sterling Partner Engagement Manager vulnerable to multiple issues due to IBM Java SE
Summary IBM Java is used by IBM Sterling Partner Engagement Manager. IBM Partner Engagement Manager has addressed the applicable CVE's. Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. By sending...
Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2023-004)
The version of java-11-openjdk installed on the remote host is prior to 11.0.19.0.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2JAVA-OPENJDK11-2023-004 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java S...
Security Bulletin: Multiple vulnerabilities may affect IBM® Semeru Runtime
Summary This bulletin covers all applicable Java SE CVEs published by OpenJDK as part of their April 2023 Vulnerability Advisory, plus CVE-2023-25193 and CVE-2023-2597. For more information please refer to OpenJDK's April 2023 Vulnerability Advisory and the X-Force database entries referenced...