Azul Zulu Java Multiple Vulnerabilities (2024-07-16)

The version of Azul Zulu installed on the remote host is prior to 6 6.65.0.16 / 7 7.71.0.18 / 8 8.79.0.14 / 11 11.73.14 / 17 17.51.16 / 21 21.35.18 / 22 22.32.16. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024-07-16 advisory. - Vulnerability in the Oracle Java SE...

PT-2024-5083

Name of the Vulnerable Software and Affected Versions: Oracle Java SE versions 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1 Oracle GraalVM for JDK versions 17.0.11, 21.0.3, 22.0.1 Oracle GraalVM Enterprise Edition versions 20.3.14, 21.3.10 Description: The vulnerability in the Oracle Java...

PT-2024-5599

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1 Oracle GraalVM for JDK versions 17.0.11, 21.0.3, 22.0.1 Oracle GraalVM Enterprise Edition versions 20.3.14, 21.3.10 Description A difficult to exploit vulnerability in...

PT-2024-5837

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1 Oracle GraalVM for JDK versions 17.0.11, 21.0.3, 22.0.1 Oracle GraalVM Enterprise Edition versions 20.3.14, 21.3.10 Bitbucket Data Center and Server versions 8.9.0...

PT-2024-5597

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1 Oracle GraalVM for JDK versions 17.0.11, 21.0.3, 22.0.1 Oracle GraalVM Enterprise Edition versions 20.3.14, 21.3.10 Description The issue is related to insufficient...

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has addressed these vulnerabilities in updates. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker to cause high confidentiality impact and high integrity...

Security Bulletin: IBM Security Verify Governance has multiple vulnerabilities

Summary Multiple security vulnerabilities have been addressed in an update for IBM Security Verify Governance. Vulnerability Details CVEID:CVE-2022-31160 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio widge...

Security Bulletin: Multiple Vulnerabilities in IBM Event Streams

Summary Multiple vulnerabilities were addressed in IBM Event Streams version 11.4.0. Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause no confidentiality impact, low integrity impact,...

Security Bulletin: TSSC/IMC is vulnerable to low availability, low integrity and low confidentiality due to Java SE

Summary TSSC/IMC is vulnerable to low availability, low integrity and low confidentiality due to Java SE. A patch has been provided that updates the Java SE library. CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22045, CVE-2023-22049, CVE-2023-25193. Vulnerability Details...

Security Bulletin: SANnav software used by IBM b-type SAN directors and switches is affected by Oracle Java SE vulnerabilities

Summary The SANnav Management Portal and Global View products are affected due to a Jave SE issue. The affected issue has been addressed and can be resolved by applying the SANnav code level listed below. CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968,...

Security Bulletin: An unspecified IBM SDK, Java Technology Edition vulnerability affects InfoSphere Data Replication

Summary An unspecified IBM SDK, Java Technology Edition vulnerability is addressed. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality impact, no integrity impact,...

Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7150929)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7150929 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of...

IBM MQ 9.0 <= 9.0.0.26 / 9.1 <= 9.1.0.22 / 9.2 <= 9.2.0.26 / 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD (7157980)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7157980 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Supported versions that are affected are Oracle...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to unspecified vulnerability in Java SE ( CVE-2024-20952)

Summary Potential unspecified vulnerability in Java SE related to the VM component CVE-2024-20952 has been identified that affects IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Watson Explorer and Watson Explorer Content Analytics Studio (CVE-2024-20952, CVE-2024-20918,CVE-2024-20921, CVE-2023-33850)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by Watson Explorer and Watson Explorer Content Analytics Studio. Watson Explorer and Watson Explorer Content Analytics Studio have addressed the applicable CVEs. CVE-2024-20952,...

Security Bulletin: IBM DevOps Release addresses multiple vulnerabilities.

Summary IBM DevOps Release 7.0.0.2 addresses multiple vulnerabilities. Vulnerability Details CVEID:CVE-2014-3643 DESCRIPTION: Jersey could allow a remote attacker to obtain sensitive information, caused by an XML external entity XXE error when processing XML data by jersey SAX parser. By sending ...

Security Bulletin: An unspecified vulnerability in IBM Semeru Runtime that is shipped with IBM App Connect Enterprise (CVE-2024-21012)

Summary An unspecified vulnerability in IBM Semeru Runtime that is shipped with IBM App Connect Enterprise. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-21012 DESCRIPTION: An unspecified vulnerability in Java SE related to the...

Security Bulletin: Multiple vulnerabilities in IBM MQ affect IBM Robotic Process Automation.

Summary Multiple vulnerabilities in IBM MQ affect IBM Robotic Process Automation. IBM MQ is used by IBM Robotic Process Automation for message queueing. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2023-5072 DESCRIPTION:...