71 matches found
PT-2022-6855
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7u321, 8u311, 11.0.13, 17.0.1 Oracle GraalVM Enterprise Edition versions 20.3.4, 21.3.0 Description The issue is related to the Serialization component in Oracle Java SE and Oracle GraalVM Enterprise Edition, allowing a...
Oracle Java SE和Oracle GraalVM 输入验证错误漏洞
Oracle GraalVM is a set of on-the-fly compilers written in the Java language from Oracle Corporation USA.GraalVM Enterprise Edition is the enterprise version of GraalVM.An input validation error vulnerability exists in Oracle GraalVM due to an Oracle GraalVM Enterprise Edition has incorrect input...
Oracle Java SE和Oracle GraalVM 输入验证错误漏洞
Oracle GraalVM is a set of on-the-fly compilers written in the Java language from Oracle Corporation USA. The product supports multiple programming languages and execution modes.GraalVM Enterprise Edition is the enterprise version of GraalVM.An input validation error vulnerability exists in Oracl...
PT-2022-2124
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7u321, 8u311, 11.0.13, 17.0.1 Oracle GraalVM Enterprise Edition versions 20.3.4, 21.3.0 Description The issue is related to the Serialization component and can be exploited by an unauthenticated attacker with network...
Security Bulletin: IBM DataPower Gateway affected by multiple vulnerabilities in Java Runtime
Summary IBM has addressed the following CVEs: CVE-2020-2593, CVE-2020-2583 Vulnerability Details CVEID: CVE-2020-2593 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Networking component could allow an unauthenticated attacker to cause low confidentiality impact, low...
Security Bulletin: A vulnerability in IBM Java SE affects IBM Elastic Storage System
Summary There is a vulnerability in IBM SDK Java Technology Edition, used by IBM Elastic Storage System. This issue was disclosed as part of the IBM Java SDK updates in Oct 2020. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Java SE related to the...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK (October 2020) affect IBM InfoSphere Information Server
Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in October 2020. Vulnerability Details CVEID: CVE-2020-14797 DESCRIPTION: An...
Security Bulletin: Security vulnerabilities in Java SE affects Rational Build Forge
Summary Java SE that is used by IBM Rational Build Forge has a security vulnerabilities. IBM Rational Build Forge has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14792 DESCRIPTION: An unspecified vulnerability in Java SE related to the Hotspot component could allow an...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14797 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow...
OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager Apr 2020 CPU (CVE-2020-2805, CVE-2020-2803, CVE-2020-2757, CVE-2020-2756)
Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in Apr 2020. Vulnerability Details CVEID: CVE-2020-2805 DESCRIPTION: An unspecified vulnerability...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects IBM Agile Lifecycle Manager
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Agile Lifecycle Manager. IBM Agile Lifecycle Manager has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to take...
Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects IBM Performance Management products
Summary Multiple vulnerabilities in the Oracle Java SE and the Java SE Embedded impact the IBM SDK, Java Technology Edition. Vulnerability Details CVEID: CVE-2020-2593 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Networking component could allow an unauthenticated...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Collector for SAP Applications
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Java™ Version 7 and Java™ Version 8 that is used by IBM Content Collector for SAP Applications. These issues were disclosed as part of the IBM Java SDK updates in Oct 2019. Vulnerability Details CVEID: CVE-2019-2989...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Rational Functional Tester
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8.0.6.0 used by Rational Functional Tester RFT version 8.6.0.7 - 9.5. RFT has addressed the applicable CVEs. Vulnerability Details Rational Functional Tester has addressed the following: If you run your own...
OpenJDK: Unexpected exception thrown during Font object deserialization (Serialization, 8224915)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
Denial Of Service
Java SE and Java SE Embedded are vulnerable to denial of serviceDoS attacks. A remote user can exploit a flaw in the Serialization component to cause application crash resulting in partial denial of service conditions...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Scale (CVE-2015-4843, CVE-2015-4805, CVE-2015-4810, CVE-2015-4806, CVE-2015-4871, CVE-2015-4902)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that is used by the IBM Spectrum Scale GUI. These issues were disclosed as part of the IBM Java SDK updates for October 2015. Vulnerability Details CVEID: CVE-2015-4843 DESCRIPTION: An unspecified...