9 matches found
UBUNTU-CVE-2024-21140
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0....
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a buffer over-read flaw in the consume function. By sending a specially-crafte...
Security Bulletin: IBM Transformation Extender Advanced is vulnerable to information exposure due to IBM WebSphere Application Server Liberty (CVE-2022-22310)
Summary IBM Transformation Extender Advanced, previously known as IBM Standards Processing Engine, uses IBM WebSphere Application Server Liberty. An information exposure in IBM WebSphere Application Server Liberty has been addressed. Vulnerability Details CVEID: CVE-2022-22310 DESCRIPTION: IBM...
Security Bulletin: A security vulnerability in golang affects IBM Cloud Automation Manager
Summary A security vulnerability in golang affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2021-44717 DESCRIPTION: Golang Go could allow a remote attacker to bypass security restrictions, caused by an error in the syscall.ForkExec interface. By causing the erroneous closing...
Intel® Thunderbolt™ Controller Advisory
Summary: A potential security vulnerability in some Intel® Thunderbolt™ controllers may allow information disclosure. Intel is releasing prescriptive guidance to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-14630 Description: Reliance on untrusted inputs in a...
CVE-2020-2899
Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...
OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
Security Bulletin: IBM Aspera WebApps (Shares, Faspex, Console, Orchestrator) and products are affected by OpenSSL Vulnerability (CVE-ID: CVE-2019-1543)
Summary IBM Aspera WebApps Shares, Faspex, Console, Orchestrator products have addressed the following OpenSSL vulnerability Vulnerability Details CVEID: CVE-2019-1543 DESCRIPTION: ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539...
Intel® VTune Amplifier 2018 for Windows* Update 3 Advisoy
Summary: A potential security vulnerability in Intel® VTune Amplifier 2018 for Windows may allow Escalation of Privilege. Intel is releasing VTune Amplifier updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2018-18093 Description: Improper file permissions in the...