1848 matches found
KLA12160 Multiple vulnerabilities in Oracle VirtualBox
Multiple vulnerabilities were found in Oracle VirtualBox. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. A security bypass vulnerability in Core component can...
Oracle Releases April 2021 Critical Patch Update
Oracle has released its Critical Patch Update for April 2021 to address 384 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle April 2021...
Oracle Critical Patch Update Advisory - April 2021
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...
SUSE: Security Advisory (SUSE-SU-2017:0490-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:0346-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: A vulnerability exists in the IBM® SDK, Java™ Technology Edition affecting IBM Tivoli Network Manager (CVE-2020-14803, CVE-2020-27221).
Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2, which was disclosed in the Oracle January 2021 Critical Patch Update. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Business Developer
Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Business Developer. Rational Business Developer has addressed the applicable CVE. This issue was disclosed as part of the IBM Java SDK and Runtime...
Security Bulletin: CVE-2020-14781 may affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections
Summary CVE-2020-14781 was disclosed as part of the Oracle October 2020 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-14781 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to obtain sensitive information...
Exploit for CVE-2020-2551
描述 在Oracle官方发布的2020年1月关键补丁更新公告CPU(Critical Patch Update)中,公布了一个Weblogic WLS组件IIOP协议中的远程代码执行漏洞(CVE-2020-2551)。 该漏洞可以绕过 Oracle 官方在 2019 年 10 月份发布的最新安全补丁。攻击者可以通过 IIOP 协议远程访问 Weblogic Server 服务器上的远程接口,传入恶意数据,从而获取服务器 权限并在未授权情况下远程执行任意代码。官方给出的CVSS 评分为 9.8。 IIOP 协议以 Java 接口的形式对远程对象进行访问,默认启用,可通过 7001...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact (CVE-2020-14803, CVE-2020-27221)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. These issues were disclosed in the Oracle January 2021 Critical Patch Update, plus CVE-2020-27221. Vulnerabili...
MGASA-2021-0131 Updated ansible packages fix security vulnerability
User data leak in snmpfacts module CVE-2021-20178. Multiple collections exposed secured values CVE-2021-20191. In basic.py, nolog with fallback option CVE-2021-20228. The ansible package has been patched to fix these issues...
Oracle Business Intelligence Publisher Multiple Vulnerabilities (Jan 2021 CPU)
The version of Oracle Business Intelligence Publisher or Oracle Analytics Server 5.5 running on the remote host is 11.1.1.9.x prior to 11.1.1.9.210119, 12.2.1.3.x prior to 12.2.1.3.201216, 12.2.1.4.x prior to 12.2.1.4.201216, or 12.2.5.5.x OAS 5.5 prior to 12.2.5.5.201216. It is, therefore,...
Security Bulletin: A security vulnerability has been identified in IBM SDK, Java Technology shipped with IBM Maximo Asset Management (CVE-2020-14781)
Summary CVE-2020-14781 was disclosed as part of the Oracle October 2020 Critical Patch Update. Java is used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilitie...
Security Bulletin: A security vulnerability has been identified in IBM SDK, Java Technology shipped with IBM Maximo Asset Management (CVE-2020-2773)
Summary CVE-2020-2773 was disclosed as part of the Oracle April 2020 Critical Patch Update. Java is used by Maximo Asset Management, Maximo Asset Management Essentials, Maximo Asset Management for Energy Optimization, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo...
Security Bulletin: A vulnerabbility exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager (CVE-2020-14779, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798).
Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2, which was disclosed in the Oracle October 2020 Critical Patch Update. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
Security Bulletin: A vulnerabbility exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager (CVE-2020-14779, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798).
Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2, which was disclosed in the Oracle October 2020 Critical Patch Update. Vulnerability Details Refer to the security bulletins listed in the...
PT-2021-5455 · Oracle · Oracle Database Server
Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 12.1.0.2, 12.2.0.1 and 19c Description: The issue is related to the Advanced Networking Option component of Oracle Database Server, allowing an unauthenticated attacker with network access via Oracle Net to...
Security Bulletin: IBM QRadar SIEM is vulnerable to deserialization of untrusted data (CVE-2020-4888)
Summary IBM QRadar SIEM is vulnerable to deserialization of untrusted data Vulnerability Details CVEID: CVE-2020-4888 DESCRIPTION: IBM QRadar SIEM could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java...
Security Bulletin: CVE-2020-14782 may affect IBM® SDK, Java™ Technology Edition
Summary CVE-2020-14782 was disclosed as part of the Oracle October 2020 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality...
Important: kernel-livepatch-4.14.200-155.322
Issue Overview: A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/ttyio.c and drivers/tty/ttyjobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. CVE-2020-29660 A locking vulnerability was found in the...