Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling Secure Proxy

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling Secure Proxy. These issues were disclosed as part of the IBM Java SDK updates in Oct 2016 and Jan 2017. Vulnerability Details CVEID: CVE-2016-5546 DESCRIPTION: An unspecified vulnerabilit...

Oracle Java SE/Java SE Embedded CVE-2019-2933 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Libraries' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...

Oracle Java SE/Java SE Embedded CVE-2019-2958 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Libraries' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for SAP Applications

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Java™ Version 6 and Java™ Version 7 that is used by Content Collector for SAP Applications. Vulnerability Details CVEID: CVE-2017-3289 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE Embedded...

OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

Improper Access Control

Oracle Java SE is vulnerable to Improper Access Control vulnerability. This is because the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an...

OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

Denial Of Service (DoS)

Java SE and Java SE Embedded are vulnerable to denial of service attacks. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed Libraries component causing partial denial of service conditions...

Privilege Escalation

Java SE and Java SE Embedded are vulnerable to privilege escalation attacks. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed Libraries component to gain elevated privileges. Successful attacks could result in takeover of Java SE and Java S...

Privilege Escalation

Java SE and Java SE Embedded are vulnerable to privilege escalation attacks. A remote user can exploit a flaw in the Libraries component to gain elevated privileges. This may allow a user with lower privileges to perform restricted actions...

Privilege Escalation

Java SE and Java SE Embedded are vulnerable to privilege escalation. A remote user can exploit a flaw in the Libraries component to gain elevated privileges. This may allow the user with lower privileges to perform restricted actions...

Denial Of Service (DoS)

Java SE and Java SE Embedded are vulnerable to denial of service attacks. A remote attacker could cause an application crash resulting in denial of service conditions via the Libraries component...

Unauthenticated Access

Java SE and Java SE Embedded are vulnerable to unauthenticated access attacks. A remote user can exploit a flaw in the DSA implementation in the Libraries component of OpenJDK. The attacker may then be able to modify data on the target system and gain elevated privileges...

Sandbox Restrictions Bypass

openjdk is vulnerable to sandbox restrictions bypass. An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...

The vulnerability of the Libraries component in Oracle Java SE and Java SE Embedded software platforms allows a attacker to cause a service failure.

The vulnerability of the Libraries component in Oracle Java SE and Java SE Embedded software platforms is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using network protocols...

KLA11403 Multiple vulnerabilities in Oracle Java SE

Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A divide by zero vulnerability in libjpeg ImageIO component can be exploited remotely ...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageSight

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.1 and 8.0 used by IBM MessageSight. These issues were disclosed as part of the IBM Java SDK updates in July 2018. Vulnerability Details CVEID: CVE-2018-1656 DESCRIPTION: The IBM Java Runtime Environment's...

JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (Libraries)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK including Logjam affect IBM Tivoli System Automation for Integrated Operations Management

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 that is used by IBM Tivoli System Automation for Integrated Operations Management. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam Attac...

Security Bulletin: Vulnerabilities in IBM Java SDK affects IBM Application Delivery Intelligence v1.0.1, v1.0.1.1, and v1.0.2. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547,CVE-2016-5548, CVE-2016-5549)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.1 that is used by IBM Application Delivery Intelligence v1.0.1, v1.0.1.1 and v1.0.2. This issue was disclosed as part of the IBM Java SDK updates in Jan 2017 Vulnerability Details CVEID: CVE-2016-2183...