Oracle Releases October 2018 Security Bulletin

Oracle has released its Critical Patch Update for October 2018 to address 301 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Oracle October 2018...

Security Bulletin: Multiple vulnerabilities in Oracle Java SE affect IBM Spectrum Protect Plus

Summary There are multiple vulnerabilities in Oracle Java SE which is used by IBM Spectrum Protect™ Plus. These issues were disclosed as part of the Oracle Critical Patch Update CPU in April 2018 and July 2018. Vulnerability Details CVEID: CVE-2018-2783 DESCRIPTION: An unspecified vulnerability i...

Critical Flaw in Fortnite Android App Lets Hackers Install Malware

Security researchers from Google have publicly disclosed an extremely serious security flaw in the first Fortnite installer for Android that could allow other apps installed on the targeted devices to manipulate installation process and load malware, instead of the Fortnite APK. Earlier this mont...

MySQL Enterprise Monitor 3.4.x < 3.4.8 / 4.0.x < 4.0.5 / 8.0.x < 8.0.1 Multiple Vulnerabilities (July 2018 CPU)

According to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is 3.4.x prior to 3.4.8, or 4.0.x prior to 4.0.5, or 8.0.x prior to 8.0.1. It is, therefore, affected by multiple vulnerabilities as noted in the July 2018 Critical Patch Update advisory...

Security Bulletin: Man In The Middle Attack Vulnerability Affecting Rational Developer for AIX and Linux, Rational Developer for i, and Rational Developer for Power Systems Software (CVE-2014-0411)

Summary The version of the Java Runtime Environment shipped with certain versions of Rational Developer for AIX and Linux, Rational Developer for i, and Rational Developer for Power Systems Software has security vulnerabilities which affect these products. Vulnerability Details | Subscribe to My...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Developer for i, Rational Developer for AIX and Linux, Rational Developer for Power Systems Software

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, and 8 that are used by Rational Developer for i, Rational Developer for AIX and Linux, Rational Developer for Power Systems Software CVE-2016-0363, CVE-2016-0376. These issues were disclosed as part of th...

Oracle Secure Global Desktop Multiple Vulnerabilities (July 2018 CPU)

The version of Oracle Secure Global Desktop installed on the remote host is 5.3 / 5.4 and is missing a security patch from the July 2018 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities: - curl version curl 7.54.1 to and including curl 7.59.0 contains a Heap-based...

Oracle Solaris Critical Patch Update : jul2018_SRU11_3_32_4_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged...

Oracle Database Server Multiple Vulnerabilities (July 2018 CPU)

The remote Oracle Database Server is missing the July 2018 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities: - An unspecified vulnerability in the Oracle Spatial jackson-databind component of Oracle Database Server allows an unauthenticated, remote attacker with...

Oracle Solaris Critical Patch Update : jul2018_SRU11_3_31_6_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Availability Suite Service. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability...

Oracle E-Business Multiple Vulnerabilities (July 2018 CPU)

The version of Oracle E-Business installed on the remote host is missing the July 2018 Oracle Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities as noted in the July 2018 Critical Patch Update advisory : - An unspecified vulnerability in the Oracle One-to-One...

MySQL 5.5.x < 5.5.61 Multiple Vulnerabilities (RPM Check) (July 2018 CPU)

The version of MySQL running on the remote host is 5.5.x prior to 5.5.61. It is, therefore, affected by multiple vulnerabilities as noted in the July 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has not...

MySQL 5.5.x < 5.5.61 Multiple Vulnerabilities (July 2018 CPU)

The version of MySQL running on the remote host is 5.5.x prior to 5.5.61. It is, therefore, affected by multiple vulnerabilities as noted in the July 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has not...

MySQL 5.7.x < 5.7.23 Multiple Vulnerabilities (RPM Check) (July 2018 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.23. It is, therefore, affected by multiple vulnerabilities as noted in the July 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has not...

MySQL 8.0.x < 8.0.12 Multiple Vulnerabilities (Jul 2018 CPU) (Jul 2019 CPU)

The version of MySQL running on the remote host is 8.0.x prior to 8.0.12. It is, therefore, affected by multiple vulnerabilities as noted in the July 2018 and July 2019 Critical Patch Update advisories. Please consult the CVRF details for the applicable CVEs for additional information. Note that...

Oracle Sets All-Time Record with July Critical Patch Update

Oracle has released a massive Critical Patch Update CPU for July, addressing 334 security vulnerabilities covering a vast swathe of its enterprise portfolio. Of the 334 vulnerabilities covered this month, 61 are rated critical, with a CVSS rating between nine and 10. Oracle said in its advisory...

Oracle Releases July 2018 Security Bulletin

Oracle has released its Critical Patch Update for July 2018 to address 334 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Oracle July 2018 Critic...

CPU July 2018

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories...

Security Bulletin: Multiple vulnerabilities in current releases of IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle January 2014 Critical Patch Update Vulnerability Details CVE IDs: CVE-2014-0428 CVE-2014-0422 CVE-2013-5907 CVE-2014-0415 CVE-2014-0410 CVE-2013-5889 CVE-2014-0417 CVE-2014-0387 CVE-2014-0424 CVE-2013-5878 CVE-2014-0373 CVE-2014-0375 CVE-2014-0403...

June 2018 Oracle Outside In Library Security Update

Microsoft Exchange Server contains some elements of the Oracle Outside In libraries. The June 19, 2018 releases of Microsoft Exchange Server contain fixes to the following vulnerabilities, which are described in: Oracle Critical Patch Update Advisory - April 2018: CVE-2018-2768, CVE-2018-2806,...