kernel: net: do not leave a dangling sk pointer, when socket creation fails

A vulnerability was found in the Linux kernel's networking component in the sockrelease function, where a dangling pointer can occur when socket creation fails. This happens when a reference to the socket is not cleared, leading to a use-after-free condition...

Low: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10,...

Amazon Linux 2023 : java-22-amazon-corretto, java-22-amazon-corretto-devel, java-22-amazon-corretto-headless (ALAS2023-2024-601)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-601 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java...

OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle...

CVE-2024-21012

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracle GraalVM...

PT-2024-3735

Name of the Vulnerable Software and Affected Versions: Oracle Java SE versions 11.0.22, 17.0.10, 21.0.2, 22 Oracle GraalVM for JDK versions 17.0.10, 21.0.2, 22 Oracle GraalVM Enterprise Edition versions 20.3.13, 21.3.9 Description: The issue is related to a vulnerability in the Networking compone...

Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to multiple issues due to Oracle Java SE

Summary IBM Sterling Partner Engagement Manager uses Oracle Java SE. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the...

Security Bulletin: There are multiple vulnerabilities in IBM Semeru Runtime that is shipped with CICS Transaction Gateway Desktop Edition.

Summary There are multiple vulnerabilities in IBM Semeru Runtime that is shipped with CICS Transaction Gateway Desktop Edition. An update to CICS Transaction Gateway Desktop Edition has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An...

Security Bulletin: IBM Security Directory Integrator affected by multiple vulnerabilities affecting IBM Java SDK

Summary Security Vulnerabilities found in IBM Java SDK shipped with IBM Security Directory Integrator have been addressed with this update. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE...

The vulnerability in the Networking component of operating systems macOS, iOS, and iPadOS allows attackers to disclose sensitive information that is protected by these systems.

The vulnerability of the Networking component in operating systems such as macOS, iOS, and iPadOS is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose sensitive information that should be protected...

Oracle Enterprise Manager Ops Center (January 2024 CPU)

The 12.4.0.0 version of Enterprise Manager Ops Center installed on the remote host is affected by a vulnerability as referenced in the January 2024 CPU advisory. The vulnerability lies in the Networking Jettison component of Enterprise Manager Ops Center. It is an easily exploitable vulnerability...

Microsoft Windows TCP/IP component security vulnerability

Microsoft Windows TCP/IP component is a component of Microsoft Corporation USA that provides TCP/IP configuration capabilities for Windows. A security vulnerability exists in Microsoft Windows TCP/IP component. An attacker could exploit the vulnerability to obtain sensitive information. The...

Advisory ROSA-SA-2023-2314

Software: java-1.8.0-openjdk 1.8.0.392.b08 OS: rosa-server79 packageevrstring: java-1.8.0-openjdk-1.8.0.392.b08-2.res7 CVE-ID: CVE-2020-14779 BDU-ID: 2020-05051 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Serialization component of the Java SE, Java SE Embedded software platforms is related t...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2®. (Apr 2023 CPU)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.1.5.17 and earlier, 8.0.8.4 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in April 2023. Vulnerability Details CVEID: CVE-2023-21930 DESCRIPTION: An unspecified...

The vulnerability of the networking component of Microprogramming Software for Cisco Access Points models 9124, 9130, 9136, 9164, and 9166 allows a hacker to cause service interruptions.

The vulnerability of the networking component of Microprogramming Software for Cisco Access Points models 9124, 9130, 9136, 9164, and 9166 is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle...

Cisco Catalyst 9100 Access Points DoS (cisco-sa-click-ap-dos-wdcXkvnQ)

According to its self-reported version, Cisco Catalyst 9100 Access Points Denial of Service is affected by a vulnerability. - A vulnerability in the networking component of Cisco access point AP software could allow an unauthenticated, remote attacker to cause a temporary disruption of service...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM Storage Scale

Summary There is a vulnerability in IBM SDK Java Technology Edition, used by IBM Storage Scale. This issue was disclosed as part of the IBM Java SDK updates in April 2023. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM...

Security Bulletin: Multiple Security vulnerabilities in IBM Java in FileNet Content Manager

Summary Multiple Security vulnerabilities in IBM Java in FileNet Content Manager, affected, not vulnerable Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager (Multiple CVEs)

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: A...