Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-35557)

Summary IBM Emptoris Strategic Supply Management Platform supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Strategic Supply Management Platform. Vulnerability Details CVEID: CVE-2021-35557 DESCRIPTION: An...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management(CVE-2021-35557)

Summary IBM Emptoris Contract Management supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-35557 DESCRIPTION: An unspecified vulnerability in Oracle...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Management (CVE-2021-35557)

Summary IBM Emptoris Supplier Lifecycle Management supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Supplier Lifecycle Management. Vulnerability Details CVEID: CVE-2021-35557 DESCRIPTION: An unspecified...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Management (CVE-2021-35558)

Summary IBM Emptoris Supplier Lifecycle Management supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Supplier Lifecycle Management. Vulnerability Details CVEID: CVE-2021-35558 DESCRIPTION: An unspecified...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-35558)

Summary IBM Emptoris Sourcing supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2021-35558 DESCRIPTION: An unspecified vulnerability in Oracle Database Server relate...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-35558)

Summary IBM Emptoris Contract Management supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-35558 DESCRIPTION: An unspecified vulnerability in Oracle...

Security Bulletin: CVE-2021-35603 may affect IBM® SDK, Java™ Technology Edition

Summary CVE-2021-35603 was disclosed as part of the Oracle October 2021 Critical Patch Update. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information...

PT-2022-17534 · Amazon · Amazon Echo Dot

Name of the Vulnerable Software and Affected Versions: Amazon Echo Dot devices, 3rd and 4th Generation Description: The issue allows for arbitrary voice command execution on affected devices. This can be achieved by a remote attacker using a malicious skill or by a physically proximate attacker...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control and Tivoli Storage Productivity Center October 2015 CPU and January 2016 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Technology Edition that is shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in October...

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R20 security and bug fix update

An update is now available for Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Cross site request forgery (csrf)

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the...

Mageia: Security Advisory (MGASA-2016-0371)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-XQXM-2RPM-3889 Comment reply notifications sent to incorrect users

Impact When notifications for new replies in comment threads are sent, they are sent to all users who have replied or commented anywhere on the site, rather than only in the relevant threads. This means that a user could listen in to new comment replies on pages they have not had editing access t...

Oracle Solaris Critical Patch Update : jan2022_SRU11_4_39_107_1

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. Supported versions that are affected are 11 and 10. Easily exploitable vulnerability allows low privileged attacker with...

Oracle Solaris Critical Patch Update : jan2022_SRU11_3_36_27_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. Supported versions that are affected are 11 and 10. Easily exploitable vulnerability allows low privileged attacker with...

Oracle Solaris Critical Patch Update : jan2022_SRU11_4_41_107_2

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Libraries. The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with networ...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-35619)

Summary An Oracle database server vulnerability affects IBM Emptoris Program Management. The issue has been addressed. Vulnerability Details CVEID: CVE-2021-35619 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an authenticated...

Oracle Releases January 2022 Critical Patch Update

Oracle has released its Critical Patch Update for January 2022 to address 497 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle January 2022...

KLA12424 Multiple vulnerabilities in Oracle VirtualBox

Security bypass vulnerabilities was found in Oracle VirtualBox. Malicious users can exploit this vulnerability to obtain sensitive information, bypass security restrictions. Original advisories Oracle Critical Patch Update Advisory – January 2022 Related products Oracle-VirtualBox CVE list...