Critical: Red Hat Security Advisory: java-1.8.0-oracle security update

Updated java-1.8.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Critical: Red Hat Security Advisory: java-1.7.0-oracle security update

Updated java-1.7.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Oracle Database Multiple Vulnerabilities (July 2015 CPU)

The remote Oracle database server is missing the July 2015 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities in the following components : - Application Express CVE-2015-2655, CVE-2015-2585, CVE-2015-2586 - Core RDBMS CVE-2015-0468 - Java VM CVE-2015-2629 - Oracle...

Oracle Solaris Critical Patch Update : ldoms (SRU11_2_11_5_0)

The remote Solaris system is missing necessary patches to address an unspecified flaw that exists in the LDOM Manager subcomponent of Oracle VM Server for SPARC. A remote, unauthenticated attacker can exploit this, via multiple protocols, to cause a denial of service condition. %NASLMINLEVEL 7030...

Oracle Patches Java Zero Day

Oracle has released its quarterly patch update, which includes fixes for nearly 200 vulnerabilities. The most notable bug fixed in this release is the Java zero day that’s been used in an ongoing attack campaign. The massive release from Oracle has patches for a long list of products, but the Jav...

Oracle Solaris Critical Patch Update : jul2015_SRU11_2_10_5_0

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: NFSv4. Supported versions that are affected are 10 and 11.2. Difficult to exploit vulnerability requiring logon to...

Oracle E-Business Multiple Vulnerabilities (July 2015 CPU)

The version of Oracle E-Business installed on the remote host is missing the July 2015 Oracle Critical Patch Update CPU. It is, therefore, affected by affected by vulnerabilities in the following components : - Oracle Application Object Library CVE-2015-2618 - Oracle Application Object Library...

Oracle Solaris Critical Patch Update : jul2015_SRU11_2_11_5_0

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: S10 Branded Zone. Supported versions that are affected are 10 and 11.2. Easily exploitable vulnerability requiring...

Oracle Releases July 2015 Security Advisory

Oracle has released security fixes to address 193 vulnerabilities as part of its quarterly Critical Patch Update. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle July 2015...

Oracle Critical Patch Update Advisory - July 2015

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

OpenEMR vulnerable to authentication bypass

Overview OpenEMR is an electronic health records and medical practice management application. OpenEMR contains an authentication bypass vulnerability CWE-302. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

Important: Red Hat Security Advisory: kvm security update

Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from t...

CVE-2015-2360

CVE-2015-2360 is a local privilege-escalation in Windows kernel-mode driver Win32k.sys affecting multiple Windows versions (Server 2003 SP2/R2 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, 8/8.1, Server 2012/2012 R2, RT/RT 8.1). The underlying issue is in Win32k.sys that allows crafted a...

Updated mariadb packages fix security vulnerabilities

Updated mariadb packages fix security vulnerabilities: This update provides MariaDB 5.5.43, which fixes several security issues and other bugs. Please refer to the Oracle Critical Patch Update Advisories and the Release Notes for MariaDB for further information regarding the security...

RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2015:0858)

Updated java-1.6.0-sun packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detaile...

Critical: Red Hat Security Advisory: java-1.7.0-oracle security update

Updated java-1.7.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Debian DSA-3229-1 : mysql-5.5 - security update

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.43. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details : -...

Secunia Research: Oracle Outside In ibpsd2.dll PSD File Processing Buffer Overflow Vulnerability

====================================================================== Secunia Research 16/04/2015 Oracle Outside In ibpsd2.dll PSD File Processing Buffer Overflow Vulnerability ====================================================================== Table of Contents Affected...

Oracle Enterprise Manager Cloud Control Unspecified Vulnerability (April 2015 CPU)

The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by an unspecified flaw in the My Oracle Support Plugin subcomponent of the Enterprise Manager Base Platform component. A remote attacker can exploit this to impact the integrity of the system. Note tha...

Multiple vulnerabilites in Java 1.7.0_15

The version of Java we bundle with Confluence is badly out of date, and well behind the security baseline Oracle defines see http://www.oracle.com/technetwork/java/javase/7u80-relnotes-2494162.html for example, which says we should be running update 79 for security fixes, and update 80 for...