1848 matches found
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control and Tivoli Storage Productivity Center April 2016 CPU (CVE-2016-3426)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Technology Edition that are shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in April...
openssl security update
1.0.2k-24.0.3 - fix CVE-2022-0778 openssl: Fix possible infinite loop in BN_mod_sqrt - Change Epoch from 1 to 10 - Fix DH self-test to add shared secret comparison Orabug: 32467026 - Add DH support changes for SP 800-56A rev3 requirements Orabug: 32467059 - Add TLS KDF self-test Orabug: 32467193 -...
PT-2022-12909 · Unknown · Swagger-Ui-Dist
Name of the Vulnerable Software and Affected Versions: swagger-ui-dist versions prior to 4.1.3 Description: The issue allows a remote attacker to hijack the clicking action of the victim by persuading them to visit a malicious website, potentially leading to further attacks against the victim...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-2332)
Summary IBM Emptoris Strategic Supply Management Platform supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Strategic Supply Management Platform. Vulnerability Details CVEID: CVE-2021-2332 DESCRIPTION: An...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Management (CVE-2021-2332)
Summary IBM Emptoris Supplier Lifecycle Management supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Supplier Lifecycle Management. Vulnerability Details CVEID: CVE-2021-2332 DESCRIPTION: An unspecified...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-35557)
Summary IBM Emptoris Strategic Supply Management Platform supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Strategic Supply Management Platform. Vulnerability Details CVEID: CVE-2021-35557 DESCRIPTION: An...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-35557)
Summary IBM Emptoris Contract Management supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-35557 DESCRIPTION: An unspecified vulnerability in Oracle...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Management (CVE-2021-35557)
Summary IBM Emptoris Supplier Lifecycle Management supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Supplier Lifecycle Management. Vulnerability Details CVEID: CVE-2021-35557 DESCRIPTION: An unspecified...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Management (CVE-2021-35558)
Summary IBM Emptoris Supplier Lifecycle Management supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Supplier Lifecycle Management. Vulnerability Details CVEID: CVE-2021-35558 DESCRIPTION: An unspecified...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-35558)
Summary IBM Emptoris Sourcing supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2021-35558 DESCRIPTION: An unspecified vulnerability in Oracle Database Server relate...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-35558)
Summary IBM Emptoris Contract Management supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-35558 DESCRIPTION: An unspecified vulnerability in Oracle...
Security Bulletin: CVE-2021-35603 may affect IBM® SDK, Java™ Technology Edition
Summary CVE-2021-35603 was disclosed as part of the Oracle October 2021 Critical Patch Update. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information...
PT-2022-17534 · Amazon · Amazon Echo Dot
Name of the Vulnerable Software and Affected Versions: Amazon Echo Dot devices, 3rd and 4th Generation Description: The issue allows for arbitrary voice command execution on affected devices. This can be achieved by a remote attacker using a malicious skill or by a physically proximate attacker...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control and Tivoli Storage Productivity Center October 2015 CPU and January 2016 CPU
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Technology Edition that are shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in October...
Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R20 security and bug fix update
An update is now available for Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: kpatch-patch security update
An update is now available for Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Cross site request forgery (csrf)
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the...
Mageia: Security Advisory (MGASA-2016-0371)
The remote host is missing an update for the...
GHSA-XQXM-2RPM-3889 Comment reply notifications sent to incorrect users
Impact When notifications for new replies in comment threads are sent, they are sent to all users who have replied or commented anywhere on the site, rather than only in the relevant threads. This means that a user could listen in to new comment replies on pages they have not had editing access t...
Oracle Solaris Critical Patch Update : jan2022_SRU11_3_36_27_0
This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. Supported versions that are affected are 11 and 10. Easily exploitable vulnerability allows low privileged attacker with...