Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12792)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12792 advisory. - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52728 - Fix CVE-2022-0485: Fail nbdcopy if NBD read or write fails resolves:...

Security Updates for Microsoft Excel Products C2R (October 2020)

The Microsoft Excel Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the...

Microsoft Windows Privilege Escalation Vulnerability

A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Fri Jul 31 09:56:48 CDT 2020 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/javaapr2020advisory.asc https://aix.software.ibm.com/aix/efixes/security/javaapr2020advisory.asc...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects IBM Agile Lifecycle Manager

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Agile Lifecycle Manager. IBM Agile Lifecycle Manager 2.2 has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: An unspecified vulnerability in Java SE related to...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects IBM Agile Lifecycle Manager

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Agile Lifecycle Manager. IBM Agile Lifecycle Manager has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an...

Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects IBM Performance Management products

Summary Multiple vulnerabilities in the Oracle Java SE and the Java SE Embedded impact the IBM SDK, Java Technology Edition. Vulnerability Details CVEID: CVE-2020-2593 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Networking component could allow an unauthenticated...

.NET Framework Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Microsoft .NET Framework processes input. An attacker who successfully exploited this vulnerability could take control of an affected system. To exploit the vulnerability, an attacker would need to be able to upload a specially crafted file to a w...

Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect IBM Spectrum Protect (Tivoli Storage Manager) Windows and Macintosh Client (CVE-2018-2603, CVE-2018-2633)

Summary There are multiple vulnerabilities in the IBM® Runtime Environment Java™ used by the IBM Spectrum Protect formerly Tivoli Storage Manager Windows and Macintosh Client. These issues were disclosed as part of the IBM Java SDK updates in January 2018. Vulnerability Details CVEID: CVE-2018-26...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects Rational Insight

Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6 and 7 that are used by Rational Insight. The issues were disclosed as part of the IBM Java SDK updates in April 2017 and July 2017. Vulnerability Details CVEID: CVE-2017-3514 DESCRIPTION: An unspecified vulnerabili...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security SiteProtector System

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Security SiteProtector System. These issues were disclosed as part of the IBM Java SDK updates in Jul 2017. Vulnerability Details CVEID: CVE-2017-10115 DESCRIPTION: An unspecified vulnerability...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle April 2018 Critical Patch Update Vulnerability Details CVE IDs: CVE-2018-2814 CVE-2018-2794 CVE-2018-2783 CVE-2018-2799 CVE-2018-2798 CVE-2018-2797 CVE-2018-2796 CVE-2018-2795 CVE-2018-2800 CVE-2018-2790 DESCRIPTION: This bulletin covers all applicab...

Security Bulletin: CICS Transaction Gateway for Multiplatforms

Summary Multiple security vulnerabilities exist in the JREs shipped with CICS Transaction Gateway CICS TG for client applications. CICS TG itself is not vulnerable to all these risks but client side applications using the CICS TG supplied JREs might be. Vulnerability Details CVEID: CVE-2017-10198...

Security Bulletin:  Vulnerability CVE-2017-3511 in IBM Java SDK affects IBM Process Designer used in IBM Business Process Manager

Summary The CVE-2017-3511 vulnerability has been reported in IBM® SDK Java™ Technology Edition that is used by IBM Process Designer in IBM Business Process Manager. The issue was disclosed as part of the IBM Java SDK updates in April 2017. Vulnerability Details CVEID: CVE-2017-3511 DESCRIPTION: A...

Adobe Flash Player CVE-2018-4919 Use After Free Remote Code Execution Vulnerability

Description Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Successf...

Microsoft JET Database Engine Remote Code Execution Vulnerability (KB4034775)

This host is missing a critical security update according to Microsoft KB4034775 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Forefront Security for SharePoint Remote Code Execution Vulnerability (KB4022344)

This host is missing an important security update according to Microsoft KB4022344. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

MS16-135: Security update for Windows kernel-mode drivers: November 8, 2016

Resolves a vulnerability in Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of the system.SummaryThis security update resolves vulnerabilities in Microsoft...

Updated flash-player-plugin packages fix security vulnerability

This update fixes a use-after-free issue that can be triggered by attackers for arbitrary code execution, potentially allow the attacker to take control of the affected system CVE-2016-7855...

Microsoft Internet Explorer Memory Corruption (MS14-010: CVE-2014-0274)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...