Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affected IBM Workflow for Bluemix April 2016 (CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM Workflow for Bluemix. These issues were disclosed as part of the IBM® SDK, Java™ Technology Edition updates in April 2016. Vulnerability Details CVEID: CVE-2016-3426 DESCRIPTION: An...

SUSE CVE-2019-2842

Vulnerability in the Java SE component of Oracle Java SE subcomponent: JCE. The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control and Tivoli Storage Productivity Center April 2016 CPU (CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Technology Edition that is shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in April...

SUSE: Security Advisory (SUSE-SU-2015:1329-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2017-1150)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling Control Center (CVE-2016-3427 and CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by IBM Control Center. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3427 DESCRIPTION: An unspecified...

CVE-2018-2618

It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using...

OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: JCE. The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

Oracle Java SE Security Updates (jul2019-5072835) 02 - Linux

Oracle Java SE is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE Security Updates (jul2019-5072835) 02 - Windows

Oracle Java SE is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Privilege Escalation

Java SE, Java SE Embedded and JRockit are vulnerable to privilege escalation attacks. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed JCE component to gain elevated privileges. Successful attacks could result in unauthorized access to...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Cloud Manager

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.0.10.1 used by IBM Cloud Manager. These issues were disclosed as part of the IBM Java SDK updates in Apr 2017. Vulnerability Details CVEID: CVE-2017-3514 DESCRIPTION: An unspecified vulnerability in Oracle...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect TPF Toolkit (CVE-2015-1931, CVE-2015-2601, CVE-2015-2613, CVE-2015-2625, CVE-2015-4872)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by TPF Toolkit. These issues were disclosed as part of the IBM Java Runtime updates in July 2015 and October 2015. Vulnerability Details CVEID: CVE-2015-1931 DESCRIPTION: IBM Ja...

Security Bulletin: Java SE issues disclosed in the Oracle April 2018 Critical Patch Update affects IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation

Summary Java SE issues disclosed in the Oracle April 2018 Critical Patch Update was addressed by IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation. Vulnerability Details CVE Descriptions CVE-2018-2826 CVSS 8...

Security Bulletin: Multiple vulnerabilities in IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise, and products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise

Summary Multiple vulnerabilities have been identified in IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise, and in supporting products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Vulnerability Details This security bulletin covers multiple vulnerabilities in...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageSight

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 7, 7R1 and 8 used by IBM MessageSight. These issues were disclosed as part of the IBM Java SDK updates in July 2017. Vulnerability Details If you run your own Java code using the IBM Java...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Monitoring

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition that is used by IBM Tivoli Monitoring. These issues were disclosed as part of the IBM Java SDK updates in April 2017. Vulnerability Details CVEID: CVE-2017-3514 DESCRIPTION: An unspecified vulnerabilit...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server April 2016 CPU (CVE-2016-3426, CVE-2016-3427) shipped with Tivoli Netcool Performance Manager

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the Oracle April 2016 Critical Patch Update, plus four additional vulnerabilities. These may affect some configurations of IBM...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Composite Application Manager for Transactions(Several CVEs)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6.0, 7.0 and 8.0 that is used by IBM Tivoli Composite Application Manager for Transactions. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle July 2015 Critical Patch Update, plus CVE-2015-1931 Vulnerability Details CVE IDs: CVE-2015-2613 CVE-2015-2601 CVE-2015-4749 CVE-2015-2625 CVE-2015-1931 DESCRIPTION: This bulletin covers all applicable Java SE CVEs published by Oracle as part of thei...