
407 matches found

OSV
added 2019/04/27 2:30 p.m., 9 views

SUSE-SU-2018:3933-2 Security update for java-1_7_1-ibm

java-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 35 bsc1116574: Consumability - IJ10515 AIX JAVA 7.1.3.10 GENERAL PROTECTION FAULT WHEN ATTEMPTING TO USE HEALTH CENTER API Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-31...

8.3 CVSS, 5.6 AI score, 0.03717 EPSS
Exploits: 2, References: 9
CNVD
added 2019/04/17 12:00 a.m., 1 view

Oracle Database Server Java VM Access Control Error Vulnerability

Oracle Database Server is a relational database management system from Oracle. The database management system provides data management, distributed processing and other functions. Java VM is one of the Java virtual machine components. A security vulnerability exists in the Java VM...

7.5 CVSS, 6.6 AI score, 0.00776 EPSS
Exploits: 0, References: 1
IBM Security Bulletins
added 2019/03/21 3:00 p.m., 24 views

Security Bulletin: A security vulnerability in IBM Java Runtime affects IBM Rational ClearQuest (CVE-2018-3180)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 6, 7 and 8, which are used by IBM Rational ClearQuest. These issues were disclosed as part of the IBM Java SDK updates in October 2018. Vulnerability Details CVEID: CVE-2018-3180 DESCRIPTION: A flaw in the JSSE...

6.8 CVSS, 0.8 AI score, 0.00124 EPSS
Exploits: 0, Affected Software: 1
Vulnrichment
added 2019/03/08 9:00 p.m., 12 views

CVE-2019-1003030

A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM...

7.6 AI score, 0.91816 EPSS
Exploits: 3, References: 4
IBM Security Bulletins
added 2019/01/31 2:10 a.m., 28 views

Security Bulletin: Vulnerability in RC4 cipher stream (CVE-2015-2808) and multiple vulnerabilities in IBM SDK Java Technology Edition affects IBM Systems Director.

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition 7 that is used by IBM Systems Director. These issues were disclosed as part of the IBM Java SDK updates in January and April 2015. This bulletin also addresses the RC4 bar mitzvah attack on SSL/TLS. Vulnerability Detail...

7.5 CVSS, 0.7 AI score, 0.72836 EPSS
Exploits: 5
IBM Security Bulletins
added 2019/01/31 2:10 a.m., 30 views

Security Bulletin: Vulnerability in RC4 cipher stream (CVE-2015-2808) and multiple vulnerabilities in IBM SDK Java Technology Edition affects IBM Systems Director

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition 7 that is used by IBM Systems Director. These issues were disclosed as part of the IBM Java SDK updates in January and April 2015. This bulletin also addresses the RC4 bar mitzvah attack on SSL/TLS. Vulnerability Detail...

7.5 CVSS, 0.7 AI score, 0.72836 EPSS
Exploits: 5
CNVD
added 2019/01/16 12:00 a.m., 1 view

Unspecified Vulnerability in Oracle Database Server Java VM (CNVD-2019-27100)

Oracle Database Server is a relational database management system from the United States company Oracle. Java VM is one of the Java virtual machine components. A security vulnerability exists in the Java VM component of Oracle Database Server. A remote attacker could exploit this...

3.5 CVSS, 8.6 AI score, 0.00283 EPSS
Exploits: 0, References: 1
Veracode
added 2019/01/15 9:11 a.m., 24 views

Arbitrary Code Execution

java-1.6.0-ibm is vulnerable to arbitrary code execution attacks. The vulnerability exists as a buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 6.0.16.25, 6 R1 before SR8 FP25 6.1.8.25, 7 before SR9 FP40 7.0.9.40, 7 R1 before SR3 FP40 7.1.3.4...

5.6 CVSS, 8.3 AI score, 0.07865 EPSS
Exploits: 0, References: 21, Affected Software: 3
Veracode
added 2019/01/15 8:56 a.m., 24 views

Arbitrary Code Execution

openjdk is vulnerable to arbitrary code execution attacks. The vulnerability exists as a format string flaw in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute...

9.3 CVSS, 7 AI score, 0.05232 EPSS
Exploits: 0, References: 16, Affected Software: 2
CNVD
added 2018/12/12 12:00 a.m., 2 views

CloudBees Script Security Plugin Sandbox Bypass Vulnerability

CloudBees Script Security Plugin is a plug-in from the U.S. company CloudBees for Jenkins, a Java-based continuous integration tool, that checks script security. A sandbox bypass vulnerability exists in the groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java...

8.8 CVSS, 8 AI score, 0.00615 EPSS
Exploits: 0, References: 1
Tenable Nessus
added 2018/12/11 12:00 a.m., 60 views

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:4064-1)

java-1_8_0-ibm was updated to Java 8.0 Service Refresh 5 Fix Pack 25 bsc1116574 Class Libraries: - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10930 CVE-2018-3183 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTI...

9 CVSS, 6.5 AI score, 0.03717 EPSS
Exploits: 2, References: 18
OSV
added 2018/12/10 1:08 p.m., 5 views

SUSE-SU-2018:4064-1 Security update for java-1_8_0-ibm

java-1_8_0-ibm was updated to Java 8.0 Service Refresh 5 Fix Pack 25 bsc1116574 Class Libraries: - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10930 CVE-2018-3183 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTIO...

9 CVSS, 5.8 AI score, 0.03717 EPSS
Exploits: 2, References: 10
OSV
added 2018/11/28 8:58 a.m., 7 views

SUSE-SU-2018:3933-1 Security update for java-1_7_1-ibm

java-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 35 bsc1116574: Consumability - IJ10515 AIX JAVA 7.1.3.10 GENERAL PROTECTION FAULT WHEN ATTEMPTING TO USE HEALTH CENTER API Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-31...

8.3 CVSS, 5.6 AI score, 0.03717 EPSS
Exploits: 2, References: 9
OSV
added 2018/11/27 7:37 a.m., 7 views

SUSE-SU-2018:3921-1 Security update for java-1_7_1-ibm

java-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 35 bsc1116574: Consumability - IJ10515 AIX JAVA 7.1.3.10 GENERAL PROTECTION FAULT WHEN ATTEMPTING TO USE HEALTH CENTER API Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-31...

8.3 CVSS, 5.6 AI score, 0.03717 EPSS
Exploits: 2, References: 9
OSV
added 2018/11/22 3:26 p.m., 6 views

SUSE-SU-2018:3868-1 Security update for java-1_8_0-ibm

java-1_8_0-ibm was updated to Java 8.0 Service Refresh 5 Fix Pack 25 bsc1116574 Class Libraries: - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10930 CVE-2018-3183 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTIO...

9 CVSS, 5.8 AI score, 0.03717 EPSS
Exploits: 2, References: 10
OSV
added 2018/10/17 1:31 a.m., 1 view

CVE-2018-3259

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java VM. Successful attacks of...

9.8 CVSS, 7.3 AI score
Exploits: 0, References: 3
CNVD
added 2018/10/17 12:00 a.m., 2 views

Unspecified Vulnerability in Oracle Database Server (CNVD-2018-24127)

Oracle Database Server is a relational database management system from Oracle. The database management system provides data management, distributed processing and other functions. Java VM is one of the Java virtual machine components. A security vulnerability exists in the Java VM...

9.8 CVSS, 9.1 AI score, 0.04946 EPSS
Exploits: 0, References: 1
IBM Security Bulletins
added 2018/09/29 6:04 p.m., 33 views

Security Bulletin: Vulnerability in IBM Java Runtime affects IBM Rational ClearQuest (CVE-2016-3426)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7, and 8, which are used by IBM Rational ClearQuest. This issue was disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3426 DESCRIPTION: An unspecifie...

4.3 CVSS, 1.4 AI score, 0.00988 EPSS
Exploits: 0, Affected Software: 1
OSV
added 2018/09/28 6:29 p.m., 1 view

CVE-2018-15764

Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote code execution vulnerability due to improper configurations of triggered JMX services. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code in the server's JVM...

9.8 CVSS, 6.5 AI score
Exploits: 0, References: 3
RedHat Linux
added 2018/08/28 7:21 p.m., 1 view

JDK: privilege escalation via insufficiently restricted access to Attach API

In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled by default on...

7.8 CVSS, 7.2 AI score, 0.00048 EPSS
Exploits: 0, References: 4