Oracle Java SE Security Vulnerability

Oracle Java SE is an Oracle product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. A security vulnerability exists in Oracle Java SE version 8u381 and 8u381-perf that originated from a vulnerability that allows an...

Oracle Java SE Security Vulnerability

Oracle Java SE is an Oracle company for the development and deployment of Java applications for desktops, servers, and embedded devices and real-time environments. A security vulnerability exists in Oracle Java SE for Oracle Java SE versions 8u381, 8u381-perf, 11.0.20, 17.0.8, and 20.0.2, and...

PT-2023-6312

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u381, 8u381-perf, 11.0.20, 17.0.8, 21 Oracle GraalVM for JDK versions 17.0.8, 21 Oracle GraalVM Enterprise Edition versions 20.3.11, 21.3.7, 22.3.3 Description The issue is related to a flaw in the JSSE component of th...

PT-2023-6270

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u381 through 8u381-perf Oracle GraalVM Enterprise Edition versions 20.3.11 through 21.3.7 Description The vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition product is related to the CORBA...

CVE-2023-22025

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition:...

Security Bulletin: Multipe vulnerabilities exists in the IBM® SDK, Java™ Technology Edition affects IBM Tivoli Network Configuration Manager.

Summary Multipe vulnerabilities exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration v6.4.2. CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597 Vulnerability Details...

Security Bulletin: IBM Cloud Pak for Network Automation 2.6.2 fixes multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.6.2 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-20859 DESCRIPTION: VMware Tanzu Spring Vault could allow a local authenticated attacker to obtain sensitive information, caused by the inserti...

Security Bulletin: IBM Security Verify Governance is affected by multiple vulnerabilities

Summary IBM Security Verify Governance uses various components, such as IBM Java, and Dojo. Security vulnerabilities in multiple components have been addressed in the IBM Security Verify Governance update. Vulnerability Details CVEID:CVE-2021-22569 DESCRIPTION: Google Protocol Buffer protobuf-jav...

Information Disclosure

openjdk8 is vulnerable to Information Disclosure. An attacker can access the vulnerable library through the multiple network and gain read access to the subset of Oracle Java SE, Oracle GraalVM Enterprise Edition and Oracle GraalVM...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle...

Security Bulletin: Vulnerabilities in IBM Semeru Runtime affects Host On-Demand

Summary There is a vulnerability in IBM Semeru Runtime used by Host On-Demand. Host On-Demand has provided a fix for the applicable CVE. These issues were disclosed as part of the IBM Semeru Runtime Quarterly CPU - Apr 2023 - Includes OpenJDK April 2023 CPU. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM Storage Scale

Summary There is a vulnerability in IBM SDK Java Technology Edition, used by IBM Storage Scale. This issue was disclosed as part of the IBM Java SDK updates in April 2023. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM...

Debian dla-3571 : openjdk-11-dbg - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3571 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3571-1 [email protected]...

Security Bulletin: Multiple Security vulnerabilities in IBM Java in FileNet Content Manager

Summary Multiple Security vulnerabilities in IBM Java in FileNet Content Manager, affected, not vulnerable Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an...

Security Bulletin: TADDM affected by multiple vulnerabilities due to IBM Java and its runtime

Summary IBM Tivoli Application Dependency Discovery Manager is vulnerable to denial of service due to use of IBM Java and runtimes CVE-2023-21930, CVE-2023-21967,CVE-2023-21954, CVE-2023-21939,CVE-2023-21968,CVE-2023-21937, CVE-2023-21938,CVE-2023-2597 Vulnerability Details CVEID:CVE-2023-21930...

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary Multple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and iFix Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the HttpServletRequest.getParameter or...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.3.7)

The version of AOS installed on the remote host is prior to 6.5.3.7. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.3.7 advisory. - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying...

The vulnerability of the JNDI component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to access, modify, add, or delete data.

The vulnerability of the JNDI component of Oracle Java SE and the Oracle GraalVM Enterprise Edition virtual machine is related to the use of insufficiently random values. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data...

The vulnerability of the Networking component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Networking component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to the ability to bypass authentication through phising techniques. Exploiting this vulnerability can allow an attacker, operating remotely, t...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager (Multiple CVEs)

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: A...