Lucene search
K

11989 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2020/08/05 12:23 p.m.23 views

Security Bulletin: CVE-2020-2601 may affect IBM® SDK, Java™ Technology Edition

Summary CVE-2020-2601 was disclosed as part of the Oracle January 2020 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-2601 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Security component could allow an unauthenticated attacker ...

6.8CVSS1.6AI score0.04196EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/05 11:38 a.m.35 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle July 2020 Critical Patch Update plus CVE-2019-17639. Vulnerability Details CVEID: CVE-2020-14583 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause low...

8.3CVSS0.9AI score0.04315EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/08/05 12:0 a.m.4 views

The vulnerability of the JavaFX component of Oracle Java SE software allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the JavaFX component of Oracle Java SE software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

8.3CVSS7.2AI score0.04245EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2020/08/04 5:15 p.m.30 views

CVE-2020-14664

Vulnerability in the Java SE product of Oracle Java SE component: JavaFX. The supported version that is affected is Java SE: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human...

5.1CVSS2.9AI score0.04245EPSS
Exploits0References3
Gitee
Gitee
added 2020/08/04 10:7 a.m.4 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the provided context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is not explicitly stated, but it is likely related to the mentioned...

6.5CVSS6.7AI score0.05388EPSS
Exploits39
Gitee
Gitee
added 2020/07/30 3:14 p.m.5 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is not explicitly stated, but it is likely related to the mentioned CVE. The...

6.5CVSS6.6AI score0.05388EPSS
Exploits39
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:49 p.m.34 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling Connect:Direct Browser User Interface (CVE-2016-3426, CVE-2016-3485)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7.0 that is used by IBM Sterling Connect:Direct Browser User Interface. These issues were disclosed as part of the IBM Java Runtime updates in April 2016 and July 2016. Vulnerability Details...

4.3CVSS0.6AI score0.02795EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:49 p.m.37 views

Security Bulletin: IBM Sterling Connect:Direct FTP+ is affected by a vulnerability in the IBM Runtime Environment, Java™ Technology Edition (CVE-2013-1500)

Summary IBM Sterling Connect:Direct FTP+ is shipped with IBM Runtime Environment, Java™ Technology Edition the “IBM RE”, that is based on an Oracle Java Runtime Environment JRE. Oracle has released the June 2013 critical patch updates CPU that contain security vulnerability fixes for the JRE. The...

3.6CVSS0.6AI score0.00506EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:49 p.m.29 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling Connect:Direct Browser User Interface (CVE-2015-7575, CVE-2016-0475, CVE-2015-4872)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7.0 that is used by IBM Sterling Connect:Direct Browser User Interface. These issues were disclosed as part of the IBM Java Runtime updates in October 2015 and January 2016 and include the...

5.9CVSS0.8AI score0.03703EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:19 p.m.34 views

Security Bulletin: A Vulnerability in IBM Java Runtime Affects IBM Sterling External Authentication Server

Summary A vulnerability exists in IBM R Runtime Environment Java TM Version 1.8 used by IBM Sterling External Authentication Server. The issue was disclosed as part of the IBM Java SDK updates in April 2018. Vulnerability Details CVEID: CVE-2018-2783 DESCRIPTION: An unspecified vulnerability in...

7.4CVSS1.5AI score0.03966EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 10:19 p.m.30 views

Security Bulletin: Multiple Java Vulnerabilities Impact IBM Control Center (CVE-2018-3180, CVE-2018-1890)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 7 and 8 that is used by IBM Control Center. This issue was disclosed as part of the IBM Java SDK updates in October 2018 and January 2019. Vulnerability Details CVEID: CVE-2018-3180 DESCRIPTION: An...

7.8CVSS1.3AI score0.03392EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 9:16 p.m.34 views

Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects IBM Performance Management products

Summary Multiple vulnerabilities in the Oracle Java SE and the Java SE Embedded impact the IBM SDK, Java Technology Edition. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to take control of the system. CVSS...

8.1CVSS1AI score0.04903EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 9:16 p.m.50 views

Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects IBM Performance Management products

Summary Multiple vulnerabilities in the Oracle Java SE and the Java SE Embedded impact the IBM SDK, Java Technology Edition. Vulnerability Details CVEID: CVE-2019-2989 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to cause no confidentiality impact,...

9.1CVSS1AI score0.03749EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/22 12:40 p.m.3 views

OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to...

4.3CVSS6.7AI score0.03284EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/19 12:49 a.m.37 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM SmartCloud Entry

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6.0.16.21 and Version 7.0.9.20 that is used by IBM SmartCloud Entry. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as...

10CVSS1AI score0.92334EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/18 11:22 p.m.31 views

Security Bulletin: InfoSphere BigInsights affected by vulnerabilities in IBM SDK Java™ Technology Edition (CVE-2013-4002, CVE-2013-5780)

Summary InfoSphere BigInsights is vulnerable to two vulnerabilities in IBM SDK Java Technology Edition. Vulnerability Details CVE-2013-4002 DESCRIPTION: A denial of service vulnerability in the Apache Xerces-J parser used by IBM SDK Java Technology Edition could result in a complete availability...

7.1CVSS0.7AI score0.24738EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/07/17 12:0 a.m.394 views

Oracle Java SE 1.7.0_271 / 1.8.0_261 / 1.11.0_8 / 1.14.0_2 Multiple Vulnerabilities (Jul 2020 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 7 Update 271, 8 Update 261, 11 Update 8, or 14 Update 2. It is, therefore, affected by multiple vulnerabilities related to the following components as referenced in the July 2020 CPU advisory....

8.3CVSS6.5AI score0.05166EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2020/07/16 12:0 a.m.733 views

Oracle Java SE 1.7.0_271 / 1.8.0_261 / 1.11.0_8 / 1.14.0_2 Multiple Vulnerabilities (Jul 2020 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 7 Update 271, 8 Update 261, 11 Update 8, or 14 Update 2. It is, therefore, affected by multiple vulnerabilities related to the following components as referenced in the July 2020 CPU advisory:...

8.3CVSS6.5AI score0.05166EPSS
Exploits0References13
NVD
NVD
added 2020/07/15 6:15 p.m.16 views

CVE-2020-14664

Vulnerability in the Java SE product of Oracle Java SE component: JavaFX. The supported version that is affected is Java SE: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human...

8.3CVSS0.04245EPSS
Exploits0References4
NVD
NVD
added 2020/07/15 6:15 p.m.21 views

CVE-2020-14621

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

5.3CVSS0.04315EPSS
Exploits0References17
Rows per page
Query Builder