Oracle Solaris Critical Patch Update : jan2022_SRU11_4_41_107_2

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Libraries. The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with networ...

Oracle Solaris Critical Patch Update : jan2022_SRU11_4_39_107_1

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. Supported versions that are affected are 11 and 10. Easily exploitable vulnerability allows low privileged attacker with...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-35619)

Summary An Oracle database server vulnerability affects IBM Emptoris Program Management. The issue has been addressed. Vulnerability Details CVEID: CVE-2021-35619 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an authenticated...

KLA12424 Multiple vulnerabilities in Oracle VirtualBox

Security bypass vulnerabilities was found in Oracle VirtualBox. Malicious users can exploit this vulnerability to obtain sensitive information, bypass security restrictions. Original advisories Oracle Critical Patch Update Advisory – January 2022 Related products Oracle-VirtualBox CVE list...

PT-2022-6842

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 11.0.13, 17.0.1 Oracle GraalVM Enterprise Edition versions 20.3.4, 21.3.0 Description The issue is related to an easily exploitable vulnerability in the ImageIO component of Oracle Java SE and Oracle GraalVM Enterprise...

Oracle Releases January 2022 Critical Patch Update

Oracle has released its Critical Patch Update for January 2022 to address 497 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle January 2022...

PT-2022-6851

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7u321, 8u311, 11.0.13, 17.0.1 Oracle GraalVM Enterprise Edition versions 20.3.4, 21.3.0 Description The issue allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE an...

Oracle Critical Patch Update Advisory - January 2022

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - October 2021 - Includes Oracle October 2021 CPU (minus CVE-2021-35550/35561/35603) plus CVE-2021-41035

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, and 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for...

PT-2022-10089 · Unknown · October Cms

Name of the Vulnerable Software and Affected Versions: October CMS versions prior to 1.0.473 and 1.1.6 Description: The issue allows an attacker with "create, modify and delete website pages" privileges in the backend to execute PHP code by running specially crafted Twig code in the template...

PT-2022-5002 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.35.5 and earlier, 1.36.x before 1.36.3, 1.37.x before 1.37.1 Description: The issue is related to Blind Stored XSS via a URL to the Upload Image feature. This could allow a remote attacker to conduct a cross-site scriptin...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-2335)

Summary An Oracle database server vulnerability was addressed in IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2021-2335 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Data Redaction component could allow an authenticated...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-2335)

Summary An Oracle database server vulnerability was addressed in IBM Emptoris Strategic Supply Management Platform. Vulnerability Details CVEID: CVE-2021-2335 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Data Redaction component...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-2335)

Summary An Oracle database server vulnerability was addresed in IBM Emptoris Program Management. Vulnerability Details CVEID: CVE-2021-2335 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Data Redaction component could allow an...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-2334)

Summary An Oracle database server vulnerability was addressed in IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2021-2334 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Data Redaction component could allow an authenticated...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-2334)

Summary An Oracle database server vulnerability was addressed in IBM Emptoris Strategic Supply Management Platform. Vulnerability Details CVEID: CVE-2021-2334 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Data Redaction component...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-2334)

Summary An Oracle database server vulnerability was addressed in IBM Emptoris Program Management. Vulnerability Details CVEID: CVE-2021-2334 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Data Redaction component could allow an...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-2336)

Summary An Oracle database server vulnerability was addressed by IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2021-2336 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Data Redaction component could allow an authenticated...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Mgmt (CVE-2021-2336)

Summary An Oracle database server vulnerability was addressed in IBM Emptoris Supplier Lifecycle Management. Vulnerability Details CVEID: CVE-2021-2336 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Data Redaction component could...

Citrix Endpoint Management (aka XenMobile Server) 10.13.0 Rolling Patch 5

Package name: xms10.13.0.10528.bin For: XenMobile Server 10.13.0 Deployment type: On-premises only Replaces: xms10.13.0.10426.bin, xms10.13.0.10329.bin, xms10.13.0.10212.bin, and xms10.13.0.10129.bin Date: December 2021 Languages supported: English US Important notes about this update As a best...