EUVD-2005-0472

Malware in sbrugna...

KLA74035 Multiple vulnerabilities in Oracle Java

Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Validation of untrusted input vulnerability can be exploited...

KLA61443 Multiple vulnerabilities in Oracle Java SE and GraalVM

Multiple vulnerabilities were found in Oracle Java SE and GraalVM. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Code execution vulnerability in CORBA can be exploited to execute arbitrary code...

Security Bulletin: Vulnerabilities in IBM Java Runtime affect z/Transaction Processing Facility

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21967 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Editi...

Security Bulletin: Vulnerability IBM Java XML Parser used in IBM License Metric Tool and IBM Tivoli Asset Discovery for Distributed (CVE-2013-4002)

Abstract IBM License Metric Tool and IBM Tivoli Asset Discovery for Distributed ships with IBM Java JRE. This JRE contains a variant of Apache-J XML parser XM4J that is vulnerable to a denial of service attack triggered by malformed XML data. Content CVE ID: CVE-2013-4002 IBM CVSS SCORE: 7.1CVSS...

Security Bulletin: IBM Security SiteProtector System can be affected by a vulnerability in the IBM Java JRE (CVE-2013-5809)

Abstract IBM Security SiteProtector System can be affected by vulnerability in the IBM Java JRE. This vulnerability could allow a remote attacker to affect confidentiality, integrity, and availability by means of unknown vectors related to the Java 2D component. Content VULNERABILITY DETAILS:...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2773 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Security component could...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM DataQuant for Workstation (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM DataQuant for Workstation. Vulnerability Details CVEID: CVE-2015-4000 The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey...

Security Bulletin: Vulnerabilities in OpenSSL affect DataQuant for Workstation (CVE-2015-0204)

Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by IBM DataQuant for Workstation. IBM DataQuant for Workstation has addressed the applicabl...

Security Bulletin: Multiple vulnerabilities in IBM Java JRE, 8.0-1.1 affect IBM Netezza Platform Software clients.

Summary IBM Java JRE 8.0-1.1 is used by IBM Netezza Platform Software. IBM Netezza Platform Software has addressed the applicable CVEs by upgrading the IBM Java JRE to latest version 8.0-5.41, provided through PDA version 7.2.1.9-P1 will help resolve following CVEs. Vulnerability Details CVEID:...

Security Bulletin: Multiple Security Vulnerabilities found in IBM Sterling Secure Proxy (CVE-2014-0411, CVE-2014-0050)

Summary IBM Sterling Secure Proxy is shipped with IBM Runtime Environment, Java™ Technology Edition the “IBM JRE”, that is based on an Oracle Java Runtime Environment JRE. Oracle has released the January 2014 critical patch updates CPU that contain security vulnerability fixes for the JRE. The IB...

Security Bulletin: Vulnerabilities in IBM Java SDK (October 2018) affecting IBM Application Delivery Intelligence for IBM Z V5.1.0, V5.0.5 and V5.0.4 (CVE-2018-3139, CVE-2018-3180)

Summary Multiple vulnerabilities are identified in IBM® SDK Java™ Technology Edition Version 1.7 and Version 1.8 that are used by IBM Application Delivery Intelligence for IBM Z V5.1.0, V5.0.5, and V5.0.4 respectively. These issues were disclosed as part of the IBM Java SDK updates in October 201...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to...

Security Bulletin: One vulnerability in IBM Java SDK affects IBM Application Delivery Intelligence v1.0.1, v1.0.1.1, v1.0.2, v5.0.2, v5.0.2.1, v5.0.3, v5.0.4, v5.0.4.1 (CVE-2017-10356)

Summary There is one vulnerability in the following versions of IBM® SDK Java™ Technology Edition, which affects IBM® Application Delivery Intelligence ADI: - Version 7.1, that is used by ADI v1.0.1, v1.0.1.1, v1.0.2, v5.0.2, v5.0.2.1, and v5.0.3. - Version 8.0, that is used by ADI v5.0.4 and...

Security Bulletin: Multiple vulnerabilities in IBM Java JRE affect IBM Tivoli Monitoring

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.6, and Version 7 that is shipped as part of multiple IBM Tivoli Monitoring ITM components. Vulnerability Details CVEID: CVE-2018-2579 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the...

Security Bulletin: Multiple vulnerabilities in IBM Java JRE affect IBM Tivoli Monitoring

Summary There are several vulnerabilities in the IBM® Java™ Runtime Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring ITM components. Vulnerability Details CVEID: CVE-2017-10345 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM DB2 QMF for Workstation (CVE-2015-2613, CVE-2015-2601, CVE-2015-2625)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 8 that are used by IBM DB2 QMF for Workstation. These issues were disclosed as part of the IBM Java SDK updates in July 2015. Vulnerability Details CVEID: CVE-2015-2613 DESCRIPTION: An...

KLA10887 Multiple vulnerabilities in Oracle Java SE

An unspecified vulnerabilities were found in Oracle Java SE. By exploiting this vulnerability malicious users can cause denial of service, affect integrity or obtain sensitive information. This vulnerability can be exploited remotely. Technical details These vulnerabilities are related to 2D, AWT...

Oracle Java JRE AES Intrinsics Remote Denial of Service

Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers to affect availability via unknown vectors related to Security. Recent assessments: jcran at November 14, 2019 9:43pm UTC reported: Causes a hard crash for the web application server for example,...

JAVA Web Start Arbitrary command-line injection

No description provided by source. Bye bye my little 0day :, Tavis Ormandy did a great job uncovering a big logic flaw within Java JRE. I discovered that bug and other that affects every browser few weeks ago and I posted the common 0day++ tweet. The method in which Java Web Start support has bee...