Oracle Releases January 2019 Security Bulletin

Oracle has released its Critical Patch Update for January 2019 to address 284 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part...

Solaris 10 (x86) : 150120-06

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via KSSL to compromise Oracle Solaris. Successful attac...

Adobe Issues Emergency Patches for Two Critical Flaws in Acrobat and Reader

I hope you had biggest, happiest and craziest New Year celebration, but now it's time to come back at work and immediately update your systems to patch new security flaws that could exploit your computer just by opening a PDF file. Adobe has issued an out-of-band security update to patch two...

PT-2019-5733 · Net Snmp +2 · Net-Snmp +2

Name of the Vulnerable Software and Affected Versions: net-snmp versions prior to 5.8.1.pre1 Description: The issue is caused by a double free in the usm free usmStateReference function. This can be exploited by a remote attacker using specially crafted GetBulk requests, potentially leading to a...

Oracle Application Express AnyChart Flash-Based Cross Site Scripting

------------------------------------------------------------------------------------ Oracle Application Express AnyChart Flash-based Cross-Site Scripting Vulnerability ------------------------------------------------------------------------------------ - Software Link: https://apex.oracle.com/ -...

Oracle Business Intelligence Publisher Multiple Vulnerabilities (July 2018 CPU)

The version of Oracle Business Intelligence Publisher running on the remote host is 11.1.1.7.x prior to 11.1.1.7.180717 or 11.1.1.9.x prior to 11.1.1.9.180717, similarly, versions 12.2.1.2.x prior to 12.2.1.2.180717 and 12.2.1.3.x prior to 12.2.1.3.180717 are affected as noted in the July 2018...

Oracle Critical Patch Update - October 2018

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories...

Kubernetes user privilege elevation vulnerability, the exposure to security risks-vulnerability warning-the black bar safety net

Recently, Kubernetes open source container software found a key of a user privilege elevation vulnerability, CVE-2018-1002105, which software is today most of the cloud infrastructure of the fixed component. This vulnerability can allow an attacker unrestricted remote access, steal data, or cause...

63 New Flaws (Including 0-Days) Windows Users Need to Patch Now

It's Patch Tuesday once again…time for another round of security updates for the Windows operating system and other Microsoft products. This month Windows users and system administrators need to immediately take care of a total of 63 security vulnerabilities, of which 12 are rated critical, 49...

openSUSE: Security Advisory for audiofile (openSUSE-SU-2018:3694-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle October 2018 Critical Patch Update Vulnerability Details CVE IDs: CVE-2018-3183 CVE-2018-3169 CVE-2018-3149 CVE-2018-3180 CVE-2018-3214 CVE-2018-13785 CVE-2018-3136 CVE-2018-3139 DESCRIPTION: This bulletin covers all applicable Java SE CVEs published...

BSA-2018-590

Security Advisory ID : BSA-2018-590 Component : Oracle Java Revision : 2.0: Final Oracle Critical Patch Update Advisories - April 2018 and July 2018provide security updates forOracle Java Platform software libraries. Java SE JDK and JRE versions beforeJRE 8u181are affected by vulnerabilities that...

Oracle Identity Manager Multiple Vulnerabilities (October 2018 CPU)

The remote host is missing the October 2018 Critical Patch Update for Oracle Identity Manager. It is, therefore, affected by multiple vulnerabilities as described in the October 2018 critical patch update advisory : - An unspecified vulnerability in the Oracle Identity Management Suite in the Sui...

Oracle Database Server Multiple Vulnerabilities (October 2018 CPU)

The remote Oracle Database Server is missing the October 2018 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities, including remote code execution, as noted in the October 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs fo...

MySQL 5.7.x < 5.7.24 Multiple Vulnerabilities (Oct 2018 CPU) (Jul 2019 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.24 It is, therefore, affected by multiple vulnerabilities as noted in the October 2018 and July 2019 Critical Patch Update advisories. Please consult the CVRF details for the applicable CVEs for additional information. Note tha...

Oracle VM VirtualBox < 5.2.20 Multiple Vulnerabilities (Oct 2018 CPU)

The version of Oracle VM VirtualBox running on the remote host is 5.2.x prior to 5.2.20. It is, therefore, affected by multiple vulnerabilities as noted in the October 2018 Critical Patch Update advisory : - An unspecified vulnerability in the Oracle VM VirtualBox component of Oracle Virtualizati...

Oracle Solaris Critical Patch Update : oct2018_SRU11_3_35_6_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. The supported version that is affected is 11.3. Difficult to exploit vulnerability allows low privileged...

Oracle E-Business Multiple Vulnerabilities (Oct 2018 CPU)

The version of Oracle E-Business installed on the remote host is missing the October 2018 Oracle Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities as noted in the October 2018 Critical Patch Update advisory : - An unspecified vulnerability in the Oracle Trade...

Oracle Solaris Critical Patch Update : oct2018_SRU11_4_0_0_0

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Remote Administration Daemon RAD. The supported version that is affected is 11.3. Easily exploitable vulnerability...

Oracle Fixes 301 Flaws in October Critical Patch Update

Oracle has released a critical patch update addressing more than 300 vulnerabilities across several of its products – including one flaw with a CVSS 3.0 score of 10 that could allow the takeover of the company’s software package, Oracle GoldenGate. Of the 301 security flaws that were fixed in thi...