CentOS 7 : java-1.8.0-ibm (RHSA-2021:0717)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0717 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JNDI. Supported versions that are affected are Java SE: 7u271,...

CentOS 7 : java-1.8.0-ibm (RHSA-2020:2237)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2237 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Kerberos. Supported versions that are affected are Java SE: 7u231...

CentOS 7 : java-1.8.0-ibm (RHSA-2021:5030)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5030 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are...

Bundled JRE Dependency in Bitbucket Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 8.9.0, 8.19.0, and 9.2.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to expose assets in your environment susceptible...

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility

Summary There are multiple vulnerabilities in IBM® Semeru Runtime Certified Edition 11 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21012 DESCRIPTION: An unspecified vulnerability in Java SE related to the Networking component cou...

Security Bulletin: Multiple Vulnerabilities in Rational Synergy 7.2.2.6

Summary Vulnerabilities in the Java Runtime Environment JRE 8.0.8.0 and earlier component shipped with Rational Synergy may affect the security of the product. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle July 2024 Critical Patch Update. Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause no confidentiality impact, low...

Advisory ROSA-SA-2024-2481

Software: java-11-openjdk 11.0.23.0.9 OS: rosa-server79 packageevrstring: java-11-openjdk-11.0.23.0.9-2.res7 CVE-ID: CVE-2024-20918 BDU-ID: 2024-00485 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK,...

Advisory ROSA-SA-2024-2480

Software: java-1.8.0-openjdk 1.8.0.412.b08 OS: rosa-server79 packageevrstring: java-1.8.0-openjdk-1.8.0.412.b08-1.res7 CVE-ID: CVE-2024-20918 BDU-ID: 2024-00485 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM...

Security Bulletin: IBM Sterling Control Center v6.2.x and v6.3.x are vulnerable due to IBM SDK Java Technology Edition vulnerability

Summary IBM SDK, Java Technology Edition Quarterly CPU - Oct 2023 - Includes Oracle October 2023 CPU plus CVE-2023-5676, CVE-2023-22081, CVE-2023-22067 affecting Sterling Control Center v6.2.x and v6.3.x. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java...

Security Bulletin: IBM Sterling Control Center v6.2.x and v6.3.x are vulnerable due to IBM Semeru Runtime vulnerabiliy

Summary IBM Semeru Runtime Quarterly CPU - Jul 2023 - Includes OpenJDK July 2023 CPU and CVE-2023-22049, CVE-2023-22036, CVE-2023-22006 affecting Sterling Control Center v6.2.1 and v6.3.1. Vulnerability Details CVEID:CVE-2023-22049 DESCRIPTION: An unspecified vulnerability in Java SE related to t...

Security Bulletin: IBM Sterling Control Center v6.2.1 and v6.3.1 is vulnerable with IBM Semeru Runtime Quarterly CPU - Oct 2023

Summary IBM Semeru Runtime Quarterly CPU - Apr 2023 - Includes OpenJDK October 2023 CPU plus CVE-2023-4807 and CVE-2023-5676 and affecting Sterling Control Center v6.2.1 and v6.3.1. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle July 2024 Critical Patch Update. Vulnerability Details CVEID: CVE-2024-21011 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low availability impact. CVSS...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Cloud Pak System

Summary There are multiple Unspecified and Denial of Service Java SE Vulnerabilities that affect IBM Java SDK shipped with IBM Cloud Pak Sytem. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attack...

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data

Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components.This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details...

ROS-20240927-03

A vulnerability in the Concurrency component of the Oracle Java SE and Oracle GraalVM Enterprise Edition software platforms is related to insufficient input validation. Edition is related to insufficient validation of input data. Exploitation of the vulnerability could allow an attacker acting...

ROS-20240927-14

A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...

Security Bulletin: IBM Cognos Transformer is affected by vulnerabilities in IBM® Java™

Summary Vulnerabilities in IBM® Java™ Version 8 that is consumed by IBM Cognos Transformer have been addressed. Please refer to the table in the Related Information section for vulnerability impact. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE...

Security Bulletin: IBM App Connect Enterprise has multiple vulnerabilities due to IBM Semeru Runtime (CVE-2024-21131, CVE-2024-21144, CVE-2024-21145)

Summary IBM App Connect Enterprise has multiple vulnerabilities due to IBM Semeru Runtime CVE-2024-21131, CVE-2024-21144, CVE-2024-21145. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-21145 DESCRIPTION: An unspecified vulnerability...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: A...