SUSE-SU-2020:2453-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: -...

JCE Pro, 2.8.15, xss

This 2.8.15 an important security update is included to prevent potential cross-site scripting attacks. https://www.joomlacontenteditor.net/news/jce-pro-2-8-15-released...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2020-1307)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : java-1.8.0-openjdk (EulerOS-SA-2020-1307)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Java SE component of Oracle Java SE subcomponent: JCE. The supported version that is affected is Java SE: 8u212...

NewStart CGSL MAIN 4.05 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2020-0022)

The remote NewStart CGSL host, running version MAIN 4.05, has java-1.8.0-openjdk packages installed that are affected by multiple vulnerabilities: - Vulnerability in the Java SE component of Oracle Java SE subcomponent: JCE. The supported version that is affected is Java SE: 8u212. Difficult to...

CVE-2015-7339

JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /comjce/editor/libraries/classes/browser.php script...

CVE-2015-7339

JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /comjce/editor/libraries/classes/browser.php script...

CVE-2015-7339

CVE-2015-7339 affects JCE Joomla Component (versions 2.5.0–2.5.2). The flaw lets an attacker upload arbitrary files by crafting an image file with a .php extension to the /com_jce/editor/libraries/classes/browser.php script, enabling potential code execution or server compromise as implied by arb...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Insight.

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Cognos Insight. These issues were disclosed as part of the IBM Java SDK updates in April 2017 and July 2017. Vulnerability Details CVEID: CVE-2017-3511 DESCRIPTION: An unspecified vulnerability...

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2017-1208)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2017-1099)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2017-1150)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2017-1098)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling Control Center (CVE-2016-3427 and CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by IBM Control Center. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3427 DESCRIPTION: An unspecified...

CVE-2018-2618

It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using...

[SECURITY] Fedora 29 Update: jss-4.6.2-1.fc29

Java Security Services JSS is a java native interface which provides a br idge for java-based applications to use native Network Security Services NSS. This only works with gcj. Other JREs require that JCE providers be signed...

Security Bulletin: IBM Security Guardium Big Data Intelligence is affected by a Using Components with Known Vulnerabilities vulnerability

Summary IBM Security Guardium is aware of the following vulnerability Vulnerability Details CVEID: CVE-2016-1000342 DESCRIPTION: Bouncy Castle JCE Provider could provide weaker than expected security, caused by improper validation of ASN.1 encoding of signature in the ECDSA. A remote attacker cou...

NewStart CGSL MAIN 4.06 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0178)

The remote NewStart CGSL host, running version MAIN 4.06, has java-1.8.0-openjdk packages installed that are affected by multiple vulnerabilities: - Vulnerability in the Java SE component of Oracle Java SE subcomponent: JCE. The supported version that is affected is Java SE: 8u212. Difficult to...

NewStart CGSL MAIN 4.06 : java-1.7.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0175)

The remote NewStart CGSL host, running version MAIN 4.06, has java-1.7.0-openjdk packages installed that are affected by multiple vulnerabilities: - Vulnerability in the Java SE component of Oracle Java SE subcomponent: JCE. The supported version that is affected is Java SE: 8u212. Difficult to...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by z/TPF. These issues were disclosed as part of the IBM Java SDK updates in April 2017. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this product, you shou...