
21 matches found

IBM Security Bulletins
added 6 days ago · 11 views

Security Bulletin: Due to use of IBM SDK, Java Technology Edition, IBM Tivoli Application Dependency Discovery Manager is vulnerable to Buffer overflow in OMR

Summary There is a Buffer overflow vulnerability in OMR allows denial-of-service in IBM® SDK Java™ Technology Edition used by IBM Tivoli Application Dependency Discovery Manager TADDM. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release...

9.8 CVSS · 7.6 AI score · 0.00025 EPSS
Exploits 0 · Affected Software 1

AstraLinux
added 2026/05/03 11:59 p.m. · 2 views

Astra Linux - vulnerability in derby

A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby installations, this could let an attacker fill up the disk by creating junk Derby databases. In LDAP-authenticated Derby installations, this could also allow the attacker to execute malware which was...

9.8 CVSS · 7.8 AI score · 0.00047 EPSS
Exploits 0 · References 1

Tenable Nessus
added 2026/02/05 12:0 a.m. · 4 views

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2026:0382-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0382-1 advisory. Security fixes: - CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034 - CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX...

7.5 CVSS · 5.5 AI score · 0.00089 EPSS
Exploits 0 · References 14

OSV
added 2025/12/16 3:26 p.m. · 5 views

CLSA-2025-1765898779 java-1.8.0-openjdk: Fix of 2 CVEs

Upgrade to shenandoah-jdk8u472-b08 GA fixing the following CVEs: - CVE-2025-53057: enhance certificate handling - CVE-2025-53066: enhance Path Factories...

7.5 CVSS · 5.8 AI score · 0.00068 EPSS
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2022-6726

Malicious code in bioql PyPI...

6.5 CVSS · 6.5 AI score · 0.00462 EPSS
Exploits 0 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2023-3026

Malicious code in bioql PyPI...

9.8 CVSS · 7.3 AI score · 0.00047 EPSS
Exploits 0 · References 4

Tenable Nessus
added 2025/08/12 12:0 a.m. · 3 views

Debian dla-4269 : ca-certificates-java - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4269 advisory. Debian LTS Advisory DLA-4269-1 https://www.debian.org/lts/security/...

5.6 AI score
Exploits 0 · References 2

Tenable Nessus
added 2025/03/05 12:0 a.m. · 11 views

Linux Distros Unpatched Vulnerability : CVE-2022-46337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby installations, this could let an attacker fill up the disk by...

9.8 CVSS · 6.9 AI score · 0.00047 EPSS
Exploits 0 · References 3

IBM Security Bulletins
added 2024/02/15 12:32 p.m. · 39 views

Security Bulletin: IBM Tivoli Application Dependency Discovery Manager affected by unspecified vulnerability due to IBM Java and its runtime

Summary IBM Tivoli Application Dependency Discovery Manager is vulnerable to denial of service due to use of IBM Java and runtimes CVE-2023-22045, CVE-2023-22049, CVE-2023-22081, CVE-2023-22067, CVE-2023-5676 Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in...

5.9 CVSS · 5.8 AI score · 0.00172 EPSS
Exploits 0 · Affected Software 1

OSV
added 2023/11/20 9:15 a.m. · 1 views

UBUNTU-CVE-2022-46337

A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby installations, this could let an attacker fill up the disk by creating junk Derby databases. In LDAP-authenticated Derby installations, this could also allow the attacker to execute malware which was...

9.8 CVSS · 7 AI score · 0.00047 EPSS
Exploits 0 · References 4

Vulnrichment
added 2023/11/20 8:49 a.m. · 15 views

CVE-2022-46337 Apache Derby: LDAP injection vulnerability in authenticator

A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby installations, this could let an attacker fill up the disk by creating junk Derby databases. In LDAP-authenticated Derby installations, this could also allow the attacker to execute malware which was...

9.8 AI score · 0.00047 EPSS
Exploits 0 · References 1

OSV
added 2022/10/21 11:4 a.m. · 2 views

OESA-2022-2010 protobuf security update

Security Fixes: A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can...

7.5 CVSS · 7.8 AI score · 0.00171 EPSS
Exploits 0 · References 3

IBM Security Bulletins
added 2022/10/18 12:7 p.m. · 23 views

Security Bulletin: The IBM® Engineering Lifecycle Management products recommendation for Java CPU CVE-2021-35561

Summary Java version 7.0.11.5 and earlier, 7.1.5.5 and earlier, 8.0.7.6 and earlier are affected by a flaw in the java.util component allows an attacker to inflict a denial of service via malicious serialized data which triggers an OutOfMemoryError. Vulnerability Details Refer to the security...

5.3 CVSS · 6.3 AI score · 0.00176 EPSS
Exploits 0 · Affected Software 1

Positive Technologies
added 2022/08/31 12:0 a.m. · 2 views

PT-2022-4609 · Oracle +1 · Java +1

Name of the Vulnerable Software and Affected Versions: Apache Geode versions up to 1.12.5, 1.13.4 and 1.14.0 Description: The issue is related to the deserialization of untrusted data when using JMX over RMI on Java 8, which can allow a remote attacker to execute arbitrary code. To protect agains...

9.8 CVSS · 9.6 AI score · 0.00567 EPSS
Exploits 0 · References 8

OSV
added 2022/03/16 9:34 a.m. · 8 views

SUSE-SU-2022:0871-1 Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u322 icedtea-3.22.0 Including the following security fixes: - CVE-2022-21248, bsc1194926: Enhance cross VM serialization - CVE-2022-21283, bsc1194937: Better String matching - CVE-2022-21293, bsc1194935: Improve...

5.3 CVSS · 5.4 AI score · 0.05612 EPSS
Exploits 0 · References 30

Atlassian
added 2021/06/14 8:11 p.m. · 17 views

Upgrade bundled Java to 8u292+

Currently our latest available Jira version includes AdoptOpenJDK 1.8.0275, which does not include a fix for the following vulnerabilities: https://openjdk.java.net/groups/vulnerability/advisories/2021-04-20 It affects AdoptOpenJDK up to 1.8.0282, so we should bundle Jira with AdoptOpenJDK 1.8.02...

2.7 AI score
Exploits 0

IBM Security Bulletins
added 2021/05/21 11:39 a.m. · 38 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 SR10-FP70 and Version 8 SR6-FP15 used by IBM Tivoli Application Dependency Discovery Manager TADDM. These issues were disclosed as part of the IBM Java SDK updates in Oct2020. Vulnerability Details CVEID:...

5.8 CVSS · 1.3 AI score · 0.00246 EPSS
Exploits 0 · Affected Software 1

Atlassian
added 2016/07/31 11:34 p.m. · 38 views

Upgrade bundled Java to 8u101+

Oracle's Critical patch update for July includes some "unspecified vulnerability", for example CVE-2016-3552 & CVE-2016-3503, fixes in the "install" component of java that may affect Confluence...

8.1 CVSS · 2.8 AI score · 0.00126 EPSS
Exploits 0

Atlassian
added 2016/07/31 11:34 p.m. · 39 views

Upgrade bundled Java to 8u101+

Oracle's Critical patch update for July includes some "unspecified vulnerability", for example CVE-2016-3552 & CVE-2016-3503, fixes in the "install" component of java that may affect Confluence...

8.1 CVSS · 2.8 AI score · 0.00126 EPSS
Exploits 0 · Affected Software 1

Atlassian
added 2016/07/28 4:54 a.m. · 34 views

Upgrade bundled Java to 8u101+

Oracle's Critical patch update for July includes some "unspecified vulnerability", for example CVE-2016-3552 & CVE-2016-3503, fixes in the "install" component of java that may affect JIRA...

8.1 CVSS · 2.7 AI score · 0.00126 EPSS
Exploits 0 · Affected Software 1