83 matches found
Security Bulletin: Communications Server (CS) for Data Center Deployment, CS for Linux, and CS for Linux on System z are affected by: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2026 - Includes Oracle January 2026 CPU
Summary Communications Server CS for Data Center Deployment, CS for Linux, and CS for Linux on System z install a local Java JRE in its product directories. This JRE is used solely for the IBM Key Manager ikeyman tool which is called by the snakeyman script used for managing the SSL key database...
RHSA-2026:4832 Red Hat Security Advisory: java-1.8.0-ibm security update
Bulletin has no description...
Security Bulletin: IBM Sterling Connect:Direct Web Services is affected by multiple IBM JRE vulnerabilities
Summary IBM Sterling Connect:Direct Web Services uses IBM java, which has an unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality, high integrity impacts. Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified...
Security Bulletin: Multiple vulnerabilities in IBM® Semeru Runtime affect IBM ILOG CPLEX Optimization Studio (CVE-2023-21968, CVE-2023-21937, CVE-2023-21938)
Summary There are multiple vulnerabilities in IBM® Semeru Runtime Versions 8 and 11 used by IBM ILOG CPLEX Optimization Studio. These issues were disclosed as part of the Oracle / OpenJDK April 2023 Critical Patch Updates. Vulnerability Details CVEID:CVE-2023-21968 DESCRIPTION: An unspecified...
Security Bulletin: A vulnerabbility exists in IBM® SDK, Java™ Technology Edition affecting IBM Tivoli Netcool Configuration Manager (CVE-2021-2163).
Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Netcool Configuration Manager v6.4.2, which was disclosed in the Oracle April 2021 Critical Patch Update, but deferred until the release associated with the August 2022 Update. Vulnerabilit...
Security Bulletin: A vulnerability in IBM Java affects IBM ILOG CPLEX Optimization Studio (CVE-2022-21299)
Summary There is a vulnerability in IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM CPLEX Optimization Studio. IBM CPLEX Optimization Studio has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-21299 DESCRIPTION: An unspecified vulnerability in Java SE related to the...
Security Bulletin: IBM WebSphere Real Time clients affected by vulnerabilities in IBM JRE (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)
Abstract These vulnerabilities are only applicable to Java deployments where untrusted code may be executed under a security manager e.g. Java applets running in a web browser. Content VULNERABILITY DETAILS: CVE IDs: CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823 DESCRIPTION: There ar...
Security Bulletin: Tivoli Storage Productivity Center clients affected by vulnerabilities in IBM JRE (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)
Abstract These vulnerabilities are only applicable to Java deployments where untrusted code may be executed under a security manager e.g. Java applets running in a web browser. Content VULNERABILITY DETAILS: CVE IDs: CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823 DESCRIPTION: There ar...
Security Bulletin: InfoSphere Replication Dashboard is affected by a vulnerability in the IBM JRE (CVE-2013-5780)
Abstract An unspecified vulnerability in IBM Java related to the Libraries component could allow a remote attacker to obtain sensitive information. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-5780 CVSS: CVSS Base Score: 4.3 CVSS Temporal Score: See...
Security Bulletin: Tivoli Management Framework affected by vulnerabilities in IBM JRE (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)
Abstract These vulnerabilities are only applicable to Java deployments where untrusted code may be executed under a security manager e.g. Java applets running in a web browser. Tivoli Management Framework does not have functions that allow external attackers to upload and execute Java code...
Security Bulletin: IBM InfoSphere Optim Performance Manager affected by vulnerability in IBM Java Runtime Environment (CVE-2013-4002)
Abstract Unspecified vulnerability in the IBM Java Runtime Environment JRE in IBM Java allows remote attackers to affect availability via unknown vectors. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-4002 CVSS: CVSS Base Score: 7.1 CVSS Temporal Score: See...
Security Bulletin: TADDM 7.2.1.4: Vulnerabilities in embedded JRE.
Abstract Multiple security vulnerabilities exist in the Java Runtime Environments JREs IBM JRE 5.0 Service Release 16 or earlier, and non-IBM Java 5.0 or earlier, that can affect the security of IBM Tivoli Application Dependency Discovery Manager. Content VULNERABILITY DETAILS: CVEID: CVE-2013-14...
Security Bulletin: IBM Tivoli Composite Application Manager for Transactions affected by vulnerabilities in IBM JRE (Multiple CVEs)
Abstract IBM Tivoli Composite Application Manager for Transactions is shipped with two IBM JREs that are based on Oracle Java. It is also dependent on ITM 6.2.1 Framework, which also has its own JRE. Oracle has released an April 2013 Critical Patch Update CPU that contains security vulnerability...
Security Bulletin: IBM Tivoli Composite Application Manager for Transactions affected by vulnerabilities in IBM JRE (Multiple CVEs)
Abstract IBM Tivoli Composite Application Manager for Transactions is shipped with two IBM JREs that are based on Oracle Java. It is also dependent on ITM 6.2.1 Framework, which also has it own JRE. Oracle has released a June 2013 Critical Patch Update CPU that contains security vulnerability fix...
Security Bulletin: IBM Operational Decision Manager and WebSphere ILOG JRules: Multiple security vulnerabilities in IBM JRE
Abstract This Security Bulletin addresses the security vulnerabilities that have shipped with the IBM Java Runtime Environment JRE included in IBM Operational Decision Manager and IBM ILOG JRules. IBM ODM and ILOG JRules now include the most recent version of the IBM JRE which fixes the security...
Security Bulletin: DB2 Recovery Expert for Linux, UNIX and Windows affected by vulnerability in IBM Java JRE (CVE-2013-0169)
Abstract IBM DB2 Recovery Expert for Linux, UNIX and Windows uses the IBM Java Runtime Environment JRE and is affected by a vulnerability issue in the IBM JRE. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0169 DESCRIPTION: The TLS protocol does not properly consider timing side-channel attacks...
Security Bulletin: Vulnerabilities in Content Classification Version 8.8 due to security vulnerabilities in IBM JRE 6
Abstract Multiple security vulnerabilities in IBM Java Runtime Environment JRE can affect the security of IBM Content Classification. Content VULNERABILITY DETAILS CVE IDs: CVE-2012-5083, CVE-2012-1531 DESCRIPTION Vulnerabilities in IBM JRE Service Release 12 can impact the security of IBM Conten...
Security Bulletin: IBM InfoSphere Master Data Management Reference Data Management Hub affected by a vulnerability in the IBM JRE used by WebSphere Application Server (CVE-2012-5081)
Abstract An unspecified vulnerability in the Java Runtime Environment JRE allows remote attackers to affect availability, related to JSSE. Content VULNERABILITY DETAILS: CVE ID: CVE-2012-5081 CVSS Base Score: 5 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/79435 fo...
Security Bulletin: Multiple vulnerabbilities exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager
Summary Multiple vulnerabilities exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2, which was disclosed in the Oracle January 2022 Critical Patch Update. CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-2134...
Security Bulletin: Multiple vulnerabilities exist in the IBM® SDK, Java™ Technology Edition affecting IBM Tivoli Network Manager
Summary Multiple vulnerabilities exist in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2, which was disclosed in the Oracle January 2022 Critical Patch Update. CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340...