11989 matches found
Security Bulletin: CVE-2020-2601 may affect IBM® SDK, Java™ Technology Edition
Summary CVE-2020-2601 was disclosed as part of the Oracle January 2020 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-2601 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Security component could allow an unauthenticated attacker ...
Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition
Summary Java SE issues disclosed in the Oracle July 2020 Critical Patch Update plus CVE-2019-17639. Vulnerability Details CVEID: CVE-2020-14583 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause low...
The vulnerability of the JavaFX component of Oracle Java SE software allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the JavaFX component of Oracle Java SE software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
CVE-2020-14664
Vulnerability in the Java SE product of Oracle Java SE component: JavaFX. The supported version that is affected is Java SE: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the provided context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is not explicitly stated, but it is likely related to the mentioned...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is not explicitly stated, but it is likely related to the mentioned CVE. The...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling Connect:Direct Browser User Interface (CVE-2016-3426, CVE-2016-3485)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7.0 that is used by IBM Sterling Connect:Direct Browser User Interface. These issues were disclosed as part of the IBM Java Runtime updates in April 2016 and July 2016. Vulnerability Details...
Security Bulletin: IBM Sterling Connect:Direct FTP+ is affected by a vulnerability in the IBM Runtime Environment, Java™ Technology Edition (CVE-2013-1500)
Summary IBM Sterling Connect:Direct FTP+ is shipped with IBM Runtime Environment, Java™ Technology Edition the “IBM RE”, that is based on an Oracle Java Runtime Environment JRE. Oracle has released the June 2013 critical patch updates CPU that contain security vulnerability fixes for the JRE. The...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling Connect:Direct Browser User Interface (CVE-2015-7575, CVE-2016-0475, CVE-2015-4872)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7.0 that is used by IBM Sterling Connect:Direct Browser User Interface. These issues were disclosed as part of the IBM Java Runtime updates in October 2015 and January 2016 and include the...
Security Bulletin: A Vulnerability in IBM Java Runtime Affects IBM Sterling External Authentication Server
Summary A vulnerability exists in IBM R Runtime Environment Java TM Version 1.8 used by IBM Sterling External Authentication Server. The issue was disclosed as part of the IBM Java SDK updates in April 2018. Vulnerability Details CVEID: CVE-2018-2783 DESCRIPTION: An unspecified vulnerability in...
Security Bulletin: Multiple Java Vulnerabilities Impact IBM Control Center (CVE-2018-3180, CVE-2018-1890)
Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 7 and 8 that is used by IBM Control Center. This issue was disclosed as part of the IBM Java SDK updates in October 2018 and January 2019. Vulnerability Details CVEID: CVE-2018-3180 DESCRIPTION: An...
Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects IBM Performance Management products
Summary Multiple vulnerabilities in the Oracle Java SE and the Java SE Embedded impact the IBM SDK, Java Technology Edition. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to take control of the system. CVSS...
Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects IBM Performance Management products
Summary Multiple vulnerabilities in the Oracle Java SE and the Java SE Embedded impact the IBM SDK, Java Technology Edition. Vulnerability Details CVEID: CVE-2019-2989 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to cause no confidentiality impact,...
OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM SmartCloud Entry
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6.0.16.21 and Version 7.0.9.20 that is used by IBM SmartCloud Entry. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as...
Security Bulletin: InfoSphere BigInsights affected by vulnerabilities in IBM SDK Java™ Technology Edition (CVE-2013-4002, CVE-2013-5780)
Summary InfoSphere BigInsights is vulnerable to two vulnerabilities in IBM SDK Java Technology Edition. Vulnerability Details CVE-2013-4002 DESCRIPTION: A denial of service vulnerability in the Apache Xerces-J parser used by IBM SDK Java Technology Edition could result in a complete availability...
Oracle Java SE 1.7.0_271 / 1.8.0_261 / 1.11.0_8 / 1.14.0_2 Multiple Vulnerabilities (Jul 2020 CPU)
The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 7 Update 271, 8 Update 261, 11 Update 8, or 14 Update 2. It is, therefore, affected by multiple vulnerabilities related to the following components as referenced in the July 2020 CPU advisory....
Oracle Java SE 1.7.0_271 / 1.8.0_261 / 1.11.0_8 / 1.14.0_2 Multiple Vulnerabilities (Jul 2020 CPU)
The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 7 Update 271, 8 Update 261, 11 Update 8, or 14 Update 2. It is, therefore, affected by multiple vulnerabilities related to the following components as referenced in the July 2020 CPU advisory:...
CVE-2020-14664
Vulnerability in the Java SE product of Oracle Java SE component: JavaFX. The supported version that is affected is Java SE: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human...
CVE-2020-14621
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...