Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affected IBM Workflow for Bluemix April 2016 (CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM Workflow for Bluemix. These issues were disclosed as part of the IBM® SDK, Java™ Technology Edition updates in April 2016. Vulnerability Details CVEID: CVE-2016-3426 DESCRIPTION: An...

K23489380: Java vulnerability CVE-2017-10135

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JCE. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows...

K77535578: Multiple Java SE client-side vulnerabilities

Security Advisory Description CVE-2016-0636 Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component. CVE-2016-0686 Unspecified vulnerability in Oracle...

SUSE CVE-2015-2613

Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE...

SUSE CVE-2016-1000344

In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider...

SUSE CVE-2019-2842

Vulnerability in the Java SE component of Oracle Java SE subcomponent: JCE. The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

Security Bulletin: An unspecified vulnerability related to the Java SE JCE component affects IBM License Metric Tool v9.x and IBM BigFix Inventory v9.x (CVE-2017-3511)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool LMT and IBM BigFix Inventory BFI. These issues were disclosed as part of the IBM Java SDK updates in April 2017.Fixes are already included in LMT and BFI version 9.2.8 or...

Security Bulletin: An unspecified vulnerability related to the Java SE JCE component affects IBM License Metric Tool v9.x and IBM BigFix Inventory v9.x (CVE-2017-10115)

Summary There were multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool LMT and IBM BigFix Inventory BFI. These issues were disclosed as part of the IBM Java SDK updates in July 2017. Fixes are already included in LMT and BFI version 9.2.9 or...

Observable Discrepancy in BouncyCastle

BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE Java Cryptography Extension for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable...

IBM Java 6.0 < 6.0.16.25 / 6.1 < 6.1.8.25 / 7.0 < 7.0.9.40 / 7.1 < 7.1.3.40 / 8.0 < 8.0.3.0 Multiple Vulnerabilities (Apr 19, 2016)

The version of IBM Java installed on the remote host is prior to 6.0 6.0.16.25 / 6.1 6.1.8.25 / 7.0 7.0.9.40 / 7.1 7.1.3.40 / 8.0 8.0.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the Oracle April 19 2016 CPU advisory. - Unspecified vulnerability in Oracle Java SE...

Amazon Corretto Java 8.x < 8.222.10.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 8 8.222.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2019-Jul-16 advisory. - Security CVE-2019-2745, CVE-2019-2786 - Utilities CVE-2019-2762, CVE-2019-2769 - Networking...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control and Tivoli Storage Productivity Center April 2016 CPU (CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Technology Edition that is shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in April...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control and Tivoli Storage Productivity Center (CVE-2017-3511, CVE-2017-10115, CVE-2017-10116)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in April and July 2017. Vulnerability Details CVEID: CVE-2017-35...

Mageia: Security Advisory (MGASA-2015-0277)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in Bouncy Castle Java Cryptography affect IBM Tivoli Business Manager

Summary Bouncy Castle Java Cryptography is shipped as part of IBM Tivoli Business Manager 6.2.0. Information about security vulnerabilities affecting Bouncy Castle Java Cryptography has been published in a security bulletin. Vulnerability Details CVEID: CVE-2018-5382 DESCRIPTION: Bouncy Castle...

Security Bulletin:An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit JCE component could affect IBM InfoSphere Optim Performance Manager CVE-2018-2783

Summary An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit Security component could allow an unauthenticated attacker to cause high confidentiality impact, high integrity impact, and no availability impact. Vulnerability Details CVEID: CVE-2018-2783...

SUSE: Security Advisory (SUSE-SU-2015:1329-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : java-1.8.0-openjdk (EulerOS-SA-2021-1806)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Utilities. Supported versions that are...

EulerOS 2.0 SP3 : java-1.7.0-openjdk (EulerOS-SA-2021-1805)

According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected...

SUSE-SU-2020:2453-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: -...