9 matches found
Security Bulletin: IBM SPSS Statistics Java SE Vulnerability Updates
Summary Denial of service, unauthorized access and buffer size vulnerabilities have been addressed. Addresses Java CVEs: CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925, CVE-2026-1188, CVE-2025-2900 and CVE-2025-4447. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE ...
Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Apr 2025 - Includes OpenJDK April 2025 CPU plus two additional CVEs
Summary Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Apr 2025 - Includes OpenJDK April 2025 CPU with CVEs CVE-2025-21587, CVE-2025-30698, CVE-2025-2900, and CVE-2025-4447 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to issues in IBM Semeru Runtime version 17
Summary There are vulnerabilities in IBM Semeru Runtime version 17 used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability i...
Security Bulletin: Multiple vulnerabilities disclosed in IBM Semeru Runtime affect IBM SPSS Collaboration and Deployment Services
Summary Multiple vulnerabilities disclosed in IBM Semeru Runtime affect IBM SPSS Collaboration and Deployment Services CVE-2025-21587, CVE-2025-30698, CVE-2025-2900, CVE-2025-4447. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An...
Security Bulletin: IBM Sterling Connect:Direct FTP+ is vulnerable to various attacks due to IBM Runtime Environment Java Technology Edition Version 17
Summary IBM Java 17 is used by IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms in product configuration and data transmission. IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms is impacted by vulnerabilities in IBM Java 17. IBM Sterling Connect:Direct FTP...
CVE-2025-2900
IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation...
CVE-2025-2900 IBM Semeru Runtime denial of service
IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation...
CVE-2025-2900 IBM Semeru Runtime denial of service
IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation...
CVE-2025-2900
CVE-2025-2900 is documented in connected IBM security bulletins as affecting IBM Semeru Runtime across multiple releases with a denial-of-service impact due to a buffer overflow in the native AES/CBC encryption path. The IBM pages for OpenPages and related Bulletins explicitly reference CVE-2025-...