Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Collector for SAP Applications

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Java™ Version 7 and Java™ Version 8 that is used by IBM Content Collector for SAP Applications. These issues were disclosed as part of the IBM Java SDK updates in Oct 2019. Vulnerability Details CVEID: CVE-2019-2989...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8.0.6.0 used by Rational Functional Tester RFT version 8.6.0.7 - 9.5. RFT has addressed the applicable CVEs. Vulnerability Details Rational Functional Tester has addressed the following: If you run your own...

The vulnerability in the Networking component of Oracle Java SE and Java SE Embedded software components allows attackers to modify, add, or delete data, or gain unauthorized access to protected information.

The vulnerability of Oracle Java SE and Java SE Embedded software’s Networking component is related to errors in URL normalization. Exploiting this vulnerability can allow an attacker to gain access to, modify, add, or delete data, or to obtain unauthorized access to protected information...

The vulnerability of Oracle Java SE and Java SE Embedded software’s Networking component allows a hacker to gain access to modify, add, or delete data.

The vulnerability of Oracle Java SE and Java SE Embedded software’s Networking component exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to modify, add, or delete data remotely...

The vulnerability of the Networking component in Oracle Java SE and Java SE Embedded software platforms allows a attacker to cause partial service disruption.

The vulnerability of the Networking component in Oracle Java SE and Java SE Embedded software platforms is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to cause a partial service outage using network protocols...

CVE-2020-2593

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2017-1099)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2017-1330)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE/Java SE Embedded CVE-2020-2659 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231; Java SE...

Oracle Java SE/Java SE Embedded CVE-2020-2593 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5,...

Ubuntu 16.04 LTS / 18.04 LTS : OpenJDK vulnerabilities (USN-4223-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4223-1 advisory. Jan Jancar, Petr Svenda, and Vladimir Sedlacek discovered that a side- channel vulnerability existed in the ECDSA implementation in OpenJDK. ...

USN-4191-2 qemu vulnerabilities

USN-4191-2 fixed a vulnerability in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause...

The vulnerability in the Networking component of Java SE and Java SE Embedded software platforms allows a attacker to cause a service failure.

The vulnerability of the Networking component in Java SE and Java SE Embedded software platforms is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures using various network protocols...

The vulnerability in the Networking component of the OpenJDK project’s Java programming language allows attackers to compromise data integrity and violate data confidentiality.

The vulnerability of the Networking component of the OpenJDK Java programming language project is related to the possibility of failing to verify URL addresses. Exploiting this vulnerability could allow a malicious actor to compromise data integrity and violate data confidentiality...

Oracle Java SE/Java SE Embedded CVE-2019-2978 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...

Oracle Java SE/Java SE Embedded CVE-2019-2989 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...

Oracle Java SE/Java SE Embedded CVE-2019-2945 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...

OpenJDK: Missing URL format validation (Networking, 8221518)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

Ubuntu 16.04 LTS : OpenJDK 8 vulnerabilities (USN-4080-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4080-1 advisory. Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side- channel attacks. An attacker could possibly use thi...

Ubuntu 18.04 LTS : OpenJDK 11 vulnerabilities (USN-4083-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4083-1 advisory. It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker...