Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Mgmt (CVE-2021-2351)

Summary An Oracle database server vulnerability has been addressed by IBM Emptoris Supplier Lifecycle Mgmt. Vulnerability Details CVEID: CVE-2021-2351 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Advanced Networking Option component could allow an...

Oracle Solaris Critical Patch Update : oct2021_SRU11_4_36_101_2

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon t...

MySQL 5.7.x < 5.7.36 Multiple Vulnerabilities (Oct 2021 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.36. It is, therefore, affected by multiple vulnerabilities, including the following, as noted in the October 2021 Critical Patch Update advisory: - A vulnerability in the OpenSSL component that can result in a takeover of the...

Oracle Releases October 2021 Critical Patch Update

Oracle has released its Critical Patch Update for October 2021 to address 419 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle October 2021...

Security Bulletin: A vulnerabbility exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager CVE-2021-2388, CVE-2021-2369, CVE-2021-2432, CVE-2021-2341.

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2, which was disclosed in the Oracle July 2021 Critical Patch Update. Vulnerability Details Refer to the security bulletins listed in the...

CVE-2021-37732

Aruba Instant (IAP) exposes a remote arbitrary command execution vulnerability (CVE-2021-37732) in its web-based management UI. Affected are Aruba Instant 6.4.x.x (6.4.4.8-4.2.4.17 and below), 6.5.x.x (6.5.4.18 and below), 8.5.x.x (8.5.0.11 and below), 8.6.x.x (8.6.0.6 and below), and 8.7.x.x (8....

KLA12331 Multiple vulnerabilities in Oracle Java SE

Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, cause denial of service, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security...

PT-2021-23020

Name of the Vulnerable Software and Affected Versions TinyFileManager versions up to and including 2.4.6 Description A Cross-Site Request Forgery CSRF issue exists that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacke...

PYSEC-2021-583

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound. The implementation does not validate the rank of sortedinput...

PT-2021-21790 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: An attacker can read from outside of bounds of heap allocated data by sending...

Security Bulletin: Vulnerability in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler.

Summary Vulnerability in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler. This issue was disclosed as part of the Oracle October 2020 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Jav...

Security Bulletin: Vulnerability in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler.

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler. These issues were disclosed in the Oracle October 2020 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-14792 DESCRIPTION: An unspecified vulnerability in Java S...

Security Bulletin: January 2021 Patch Update for Java

Summary The January 2021 update to Java contains fixes for a number of potential vulnerabilities. Refer to the Details section for additional information. Vulnerability Details CVEID: CVE-2020-14803 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to...

Oracle Business Intelligence Publisher Multiple Vulnerabilities (Jul 2021 CPU)

The version of Oracle Business Intelligence Publisher or Oracle Analytics Server 5.5 running on the remote host is 11.1.1.9.x prior to 11.1.1.9.210720, 12.2.1.3.x prior to 12.2.1.3.210405, 12.2.1.4.x prior to 12.2.1.4.210402, or 12.2.5.5.x OAS 5.5 prior to 12.2.5.5.210331. It is, therefore,...

Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Sourcing

Summary Multiple Oracle database server security vulnerabilities affect IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2021-2245 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Unified Audit component could allow an...

Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform

Summary Multiple Oracle Database server security vulnerabilities affect IBM Emptoris Strategic Supply Management Platform. Vulnerability Details CVEID: CVE-2021-2245 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Unified Audit...

Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Contract Management

Summary Multiple Oracle database server security vulnerabilities affect IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-2245 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Unified Audit component could allow...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-2207)

Summary An Oracle database server security vulnerabilities affect IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2021-2207 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Oracle Database - Enterprise Edition component could allow an authenticated attack...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-2207)

Summary An Oracle database server security vulnerabilities affect IBM Emptoris Strategic Supply Management Platform. Vulnerability Details CVEID: CVE-2021-2207 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Oracle Database - Enterprise Edition component could...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Mgmt (CVE-2021-2207)

Summary An Oracle database server security vulnerabilities affect IBM Emptoris Supplier Lifecycle Management. Vulnerability Details CVEID: CVE-2021-2207 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Oracle Database - Enterprise Edition component could allow an...