UBUNTU-CVE-2025-21678

In the Linux kernel, the following vulnerability has been resolved: gtp: Destroy device along with udp socket's netns dismantle. gtpnewlink links the device to a list in devnetdev instead of srcnet, where a udp tunnel socket is created. Even when srcnet is removed, the device stays alive on...

USN-7242-1 tomcat6 vulnerability

Pierre Ernst discovered that the Tomcat JmxRemoteLifecycleListener did not implement a recommended fix. A remote attacker could possibly use this issue to execute arbitrary code...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2024-45086)

Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2024-45072)

Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2024-45071)

Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2024-45073)

Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition.

Summary A race condition happened when a code sequence runs concurrently with other code, and the code sequence needs exclusive access to a shared resource, but a time window exists in which the shared resource can be modified by another code sequence. In security-critical code, a race condition...

(RHSA-2025:0430) Moderate: OpenJDK 11.0.26 ELS Security Update for Windows Builds

The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 11.0.26 with Extended Lifecycle Support for Windows serves as a replacement for the Red Hat build of OpenJDK 11 11.0.25 and...

RHEL 7 / 8 / 9 : java-11-openjdk ELS (RHSA-2025:0429)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0429 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This is the...

CVE-2025-21564

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain component: Agile Integration Services. The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM...

CVE-2025-21556

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain component: Agile Integration Services. The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM...

IBM Engineering Lifecycle Optimization Publishing Encryption Issue Vulnerability

IBM Engineering Lifecycle Optimization Publishing is an automated document generation solution from International Business Machines IBM. IBM Engineering Lifecycle Optimization Publishing suffers from a cryptographic issue vulnerability that stems from the use of a weaker-than-expected encryption...

Oracle Supply Chain Products Suite 安全漏洞

Oracle Supply Chain Products Suite is a suite of supply chain solutions from Oracle Corporation USA. The product provides value chain planning, value chain execution, and product lifecycle management. A security vulnerability exists in Oracle Agile PLM Framework version 9.3.6 for Oracle Supply...

Oracle Supply Chain Products Suite 安全漏洞

Oracle Supply Chain Products Suite is a suite of supply chain solutions from Oracle Corporation USA. The product provides value chain planning, value chain execution, and product lifecycle management. A security vulnerability exists in Oracle Agile PLM Framework version 9.3.6 for Oracle Supply...

PT-2025-4285 · Oracle · Oracle Agile Plm Framework

Name of the Vulnerable Software and Affected Versions: Oracle Agile PLM Framework version 9.3.6 Description: The issue allows a low-privileged attacker with network access via HTTP to compromise Oracle Agile PLM Framework, resulting in unauthorized access to critical data or complete access to al...

PT-2025-4286 · Oracle · Oracle Agile Plm Framework

Name of the Vulnerable Software and Affected Versions: Oracle Agile PLM Framework version 9.3.6 Description: The vulnerability in the Oracle Agile PLM Framework is related to weaknesses in the authorization mechanism of the Install component. This issue can be exploited by a remote attacker to...

Oracle Agile PLM Framework 安全漏洞

Oracle Agile PLM Framework is a framework product from Oracle Corporation USA. A security vulnerability exists in Oracle Agile PLM Framework version 9.3.6. An attacker who exploits this vulnerability could cause the Oracle Agile PLM Framework to be taken over...

Oracle Supply Chain Products Suite 安全漏洞

Oracle Supply Chain Products Suite is a suite of supply chain solutions from Oracle Corporation USA. It provides value chain planning, value chain execution, product lifecycle management, etc. Agile PLM Product Lifecycle Management is one of the product lifecycle management components. A security...

The vulnerability of the integrated environment for managing the development lifecycle of IBM Jazz Foundation lies in its lack of access control for personal information, allowing attackers to disclose protected information.

The vulnerability of the integrated environment for managing the development lifecycle of IBM Jazz Foundation is related to deficiencies in restricting access to personal information. Exploiting this vulnerability could allow attackers to disclose protected information...

Security Bulletin: The IBM® Engineering Lifecycle Management is impacted by vulnerabilties in crypto-js version 3.1.2

Summary A vulnerability has been identified in Crypto-Js 3.1.2, which is used in IBM Engineering Lifecycle Management - IBM Jazz. This bulletin contains information regarding vulnerabilities and remediation actions. Vulnerability Details CVEID:CVE-2023-46233 DESCRIPTION: Brix crypto-js could allo...