SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:4064-1)

java-180-ibm was updated to Java 8.0 Service Refresh 5 Fix Pack 25 bsc1116574 Class Libraries : - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10930 CVE-2018-3183 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTI...

SUSE-SU-2018:4064-1 Security update for java-1_8_0-ibm

java-180-ibm was updated to Java 8.0 Service Refresh 5 Fix Pack 25 bsc1116574 Class Libraries: - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10930 CVE-2018-3183 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTIO...

SUSE-SU-2018:3933-1 Security update for java-1_7_1-ibm

java-171-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 35 bsc1116574: Consumability - IJ10515 AIX JAVA 7.1.3.10 GENERAL PROTECTION FAULT WHEN ATTEMPTING TO USE HEALTH CENTER API Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-31...

SUSE-SU-2018:3921-1 Security update for java-1_7_1-ibm

java-171-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 35 bsc1116574: Consumability - IJ10515 AIX JAVA 7.1.3.10 GENERAL PROTECTION FAULT WHEN ATTEMPTING TO USE HEALTH CENTER API Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-31...

SUSE-SU-2018:3868-1 Security update for java-1_8_0-ibm

java-180-ibm was updated to Java 8.0 Service Refresh 5 Fix Pack 25 bsc1116574 Class Libraries: - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10930 CVE-2018-3183 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTIO...

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to execute arbitrary code.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVE-2018-3259

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java VM. Successful attacks of...

Unspecified Vulnerability in Oracle Database Server (CNVD-2018-24127)

Oracle Database Server is a set of relational database management system of Oracle Oracle. The database management system provides data management, distributed processing and other functions.Java VM is one of the Java virtual machine components. A security vulnerability exists in the Java VM...

Security Bulletin: Vulnerability in IBM Java Runtime affects IBM Rational ClearQuest (CVE-2016-3426)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7, and 8, which are used by IBM Rational ClearQuest. This issue was disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3426 DESCRIPTION: An unspecifie...

CVE-2018-15764

Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote code execution vulnerability due to improper configurations of triggered JMX services. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code in the server's JVM...

JDK: privilege escalation via insufficiently restricted access to Attach API

In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled by default on...

JDK: privilege escalation via insufficiently restricted access to Attach API

In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled by default on...

Oracle Database Server Java VM Component Remote Vulnerability

Oracle Database Server is a set of relational database management system of Oracle Oracle. The database management system provides data management, distributed processing and other functions.Java VM is one of the Java virtual machine components. A security vulnerability exists in the Java VM...

The vulnerability of the Java VM component of the Oracle Database Server database management system allows a hacker to gain full control over the application.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to access control deficiencies. Exploiting this vulnerability can allow an attacker, operating remotely, to gain full control over the application using Oracle Net...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearCase (CVE-2017-10356, CVE-2017-10345)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 6, 7, and 8, which are used by IBM Rational ClearCase. These issues were disclosed as part of the IBM Java SDK updates in October 2017. Vulnerability Details CVEID: CVE-2017-10356 DESCRIPTION: An unspecified...

Deserialization of untrusted data

It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute remote code on the server as the user running the Java Virtual Machine if the target MBean contain...

CVE-2016-8648

CVE-2016-8648 affects the Karaf container used by Red Hat JBoss Fuse 6.x and Red Hat JBoss A-MQ 6.x. The vulnerability arises from deserializing objects passed to MBeans via JMX operations, which could allow an attacker to execute remote code in the context of the JVM if deserialization gadgets e...

Unspecified Vulnerability in Oracle Database Server (CNVD-2018-24126)

Oracle Database Server is a set of relational database management system of Oracle Oracle. The database management system provides data management, distributed processing and other functions.Java VM is one of the Java virtual machine components. A security vulnerability exists in the Java VM...

Security Bulletin: Multiple security vulnerabilities in IBM Java Runtime affect IBM Rational ClearCase (CVE-2014-3566, CVE-2014-6457)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 5 and 6 that are used by IBM Rational ClearCase. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were disclosed...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Integrated Information Core - Oracle CPU April 2016

Summary Oracle released the April 2016 critical patch updates which contain multiple fixes for security vulnerabilities in the IBM Java Development Kit that is included with the IBM WebSphere Application Server. Vulnerability Details New IBM WebSphere Application Server updates are available that...