
208 matches found

Rapid7 Blog
added 2021/06/30 3:26 p.m., 285 views

ForgeRock Access Manager/OpenAM Pre-Auth Remote Code Execution Vulnerability (CVE-2021-35464): What You Need To Know

On June 29, 2021, security researcher Michael Stepankin (@artsploit) posted details of CVE-2021-35464, a pre-auth remote code execution (RCE) vulnerability in ForgeRock Access Manager identity and access management software. ForgeRock front-ends web applications and remote access solutions in many...

AI score: 1.3, EPSS: 0.94386
Exploits: 8

OpenVAS
added 2021/06/09 12:0 a.m., 27 views

SUSE: Security Advisory (SUSE-SU-2018:3868-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9, AI score: 7, EPSS: 0.03717
Exploits: 2, References: 2

Tenable Nessus
added 2021/05/25 12:0 a.m., 32 views

openSUSE Security Update : java-1_8_0-openj9 (openSUSE-2021-776)

This update for java-180-openj9 fixes the following issues : - Update to OpenJDK 8u292 build 10 with OpenJ9 0.26.0 virtual machine. - CVE-2021-2161: Fixed incomplete enforcement of JAR signing disabled algorithms bsc1185055. This update was imported from the SUSE:SLE-15-SP2:Update update project...

CVSS: 5.9, AI score: 6.3, EPSS: 0.01132
Exploits: 0, References: 3

IBM Security Bulletins
added 2021/05/17 3:20 p.m., 40 views

Security Bulletin: Vulnerability deferred from Oracle Oct 2020 CPU for Java 8 SE may affect IBM® SDK, Java™ Technology Edition and IBM Operations Analytics Predictive Insights

Summary Vulnerability CVE-2020-14782, related to the Libraries component in IBM® SDK, Java™ Technology Edition affect IBM Operations Analytics Predictive Insights 1.3.6 and earlier. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

CVSS: 4.3, AI score: 1.2, EPSS: 0.00144
Exploits: 0, Affected Software: 1

OpenVAS
added 2021/04/19 12:0 a.m., 24 views

SUSE: Security Advisory (SUSE-SU-2016:2726-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.6, AI score: 7.6, EPSS: 0.07073
Exploits: 0, References: 5

RedHat Linux
added 2021/03/04 5:5 p.m., 236 views

Critical: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS: 9.8, AI score: 6.9, EPSS: 0.00727
Exploits: 0, References: 6

Huntr
added 2021/01/28 12:0 a.m., 15 views

Server-Side Request Forgery (SSRF) in sterlp/svg2png

:book: Description Svg2Png Manage your Icons in SVG and generate the needed PNG into your projects as needed. No "Web Service" needed, just an executable JAR file. this package is vulnerable to XXE. https://github.com/sterlp/svg2png :recycle: Steps To Reproduce-: 0 download and run latest release...

CVSS: 4.3, AI score: 0.5, EPSS: 0.00328
Exploits: 1

Tenable Nessus
added 2021/01/05 12:0 a.m., 28 views

SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2021:0019-1)

This update for java-171-ibm fixes the following issues : Update to Java 7.1 Service Refresh 4 Fix Pack 75 bsc1180063, bsc1177943 CVE-2020-14792 CVE-2020-14797 CVE-2020-14782 CVE-2020-14781 CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803 - Class Libraries : - Z/OS specific C function...

CVSS: 5.8, AI score: 6, EPSS: 0.00246
Exploits: 0, References: 19

RedHat Linux
added 2020/12/16 3:21 p.m., 97 views

Important: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS: 8.3, AI score: 6.7, EPSS: 0.01018
Exploits: 0, References: 14

Cent OS
added 2020/11/06 9:59 p.m., 396 views

java security update

CentOS Errata and Security Advisory CESA-2020:4350 An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...

CVSS: 5.8, AI score: 6.4, EPSS: 0.00186
Exploits: 0, References: 7

Tenable Nessus
added 2020/09/04 12:0 a.m., 31 views

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2020:2461-1)

This update for java-180-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 - Class Libraries : -...

CVSS: 8.3, AI score: 6.2, EPSS: 0.01018
Exploits: 0, References: 21

Tenable Nessus
added 2020/09/04 12:0 a.m., 63 views

SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2020:2453-1)

This update for java-180-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 - Class Libraries : -...

CVSS: 8.3, AI score: 6.2, EPSS: 0.01018
Exploits: 0, References: 21

OSV
added 2020/09/02 11:59 a.m., 6 views

SUSE-SU-2020:2453-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: -...

CVSS: 8.3, AI score: 6.2, EPSS: 0.01018
Exploits: 0, References: 12

Oracle linux
added 2020/07/18 12:0 a.m., 96 views

java-1.8.0-openjdk security update

1:1.8.0.262.b10-0 - Update to aarch64-shenandoah-jdk8u262-b10. - Switch to GA mode for final release. - Update release notes for 8u262 release. - Fix typo in jfrarches which leads to ppc64 being wrongly excluded. - Split JDK-8042159 patch into per-repo patches as upstream. - Update JDK-8042159 JD...

CVSS: 8.3, AI score: 0.1, EPSS: 0.01018
Exploits: 0

Tenable Nessus
added 2020/07/09 12:0 a.m., 35 views

SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2020:1684-1)

This update for java-180-ibm fixes the following issues : java-180-ibm was updated to Java 8.0 Service Refresh 6 Fix Pack 10 bsc1172277,bsc1169511,bsc1160968 CVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service CVE-2020-2754: Forward...

CVSS: 8.3, AI score: 6.5, EPSS: 0.03217
Exploits: 0, References: 27

IBM Security Bulletins
added 2020/05/19 3:27 p.m., 37 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by IBM Rational Application Developer for WebSphere Software. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs. Vulnerability Details CVEID:...

CVSS: 7.2, AI score: 1.1, EPSS: 0.00164
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2020/05/15 6:46 p.m., 36 views

Security Bulletin: vulnerabilities in IBM® Runtime Environment Java™ Version 8 affect IBM WIoTP MessageGateway (CVE-2020-2805, CVE-2020-2803, CVE-2020-2781, CVE-2020-2755, CVE-2020-2754)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 that affect IBM WIoTP MessageGateway Vulnerability Details CVEID: CVE-2020-2805 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated...

CVSS: 8.3, AI score: 2.2, EPSS: 0.03217
Exploits: 0, Affected Software: 1

exploitpack
added 2020/02/06 12:0 a.m., 70 views

Cisco Data Center Network Manager 11.2 - Remote Code Execution

Cisco Data Center Network Manager 11.2 - Remote Code Execution !/usr/bin/python """ Cisco Data Center Network Manager SanWS importTS Command Injection Remote Code Execution Vulnerability Tested on: Cisco DCNM 11.2.1 Installer for Windows 64-bit - Release: 11.21 - Release Date: 18-Jun-2019 -...

CVSS: 10, AI score: 0.4, EPSS: 0.85137
Exploits: 7

Exploit DB
added 2020/02/06 12:0 a.m., 177 views

Cisco Data Center Network Manager 11.2 - Remote Code Execution

!/usr/bin/python """ Cisco Data Center Network Manager SanWS importTS Command Injection Remote Code Execution Vulnerability Tested on: Cisco DCNM 11.2.1 Installer for Windows 64-bit - Release: 11.21 - Release Date: 18-Jun-2019 - FileName: dcnm-installer-x64-windows.11.2.1.exe.zip - Size: 1619.36 ...

CVSS: 10, AI score: 7.6, EPSS: 0.85137
Exploits: 7

Packet Storm
added 2020/02/06 12:0 a.m., 183 views

Cisco Data Center Network Manager 11.2 Remote Code Execution

!/usr/bin/python """ Cisco Data Center Network Manager SanWS importTS Command Injection Remote Code Execution Vulnerability Tested on: Cisco DCNM 11.2.1 Installer for Windows 64-bit - Release: 11.21 - Release Date: 18-Jun-2019 - FileName: dcnm-installer-x64-windows.11.2.1.exe.zip - Size: 1619.36 ...

CVSS: 10, AI score: 0.4, EPSS: 0.85137
Exploits: 7