Oracle Releases July 2018 Security Bulletin

Oracle has released its Critical Patch Update for July 2018 to address 334 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Oracle July 2018 Critic...

CPU July 2018

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories...

Security Bulletin: Multiple vulnerabilities in current releases of IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle January 2014 Critical Patch Update Vulnerability Details CVE IDs: CVE-2014-0428 CVE-2014-0422 CVE-2013-5907 CVE-2014-0415 CVE-2014-0410 CVE-2013-5889 CVE-2014-0417 CVE-2014-0387 CVE-2014-0424 CVE-2013-5878 CVE-2014-0373 CVE-2014-0375 CVE-2014-0403...

June 2018 Oracle Outside In Library Security Update

Microsoft Exchange Server contains some elements of the Oracle Outside In libraries. The June 19, 2018 releases of Microsoft Exchange Server contain fixes to the following vulnerabilities, which are described in: Oracle Critical Patch Update Advisory - April 2018: CVE-2018-2768, CVE-2018-2806,...

Security Bulletin: Java SE issues disclosed in the Oracle April 2018 Critical Patch Update affects IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation

Summary Java SE issues disclosed in the Oracle April 2018 Critical Patch Update was addressed by IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation. Vulnerability Details CVE Descriptions CVE-2018-2826 CVSS 8...

Security Bulletin: Java SE issues disclosed in the Oracle October 2016 Critical Patch Update affects(CVE-2016-5582 CVE-2016-5568 CVE-2016-5556 CVE-2016-5573 CVE-2016-5597 CVE-2016-5554 CVE-2016-5542)

Summary Java SE issues disclosed in the Oracle October 2016 Critical Patch Update was addressed by IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC , and Spectrum Cluster Foundation Vulnerability Details CVEID: CVE-2016-5582DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server April 2016 CPU (CVE-2016-3426, CVE-2016-3427) shipped with Tivoli Netcool Performance Manager

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the Oracle April 2016 Critical Patch Update, plus four additional vulnerabilities. These may affect some configurations of IBM...

Security Bulletin: A security vulnerability has been identified in Oracle MySQL shipped with IBM Tivoli Network Manager IP Edition (Oracle Critical Patch Update Advisory - April 2016

Summary Oracle MySQL is shipped as a component of IBM Tivoli Network Manager IP Edition. Information regarding security vulnerabilities affecting Oracle MySQL has been published. Vulnerability Details Tivoli Network Manager IP Edition ships with Oracle MySQL. Oracle has released a Critical Patch...

Security Bulletin: A security vulnerability has been identified in MySQL shipped with Tivoli Network Manager IP Edition (Oracle Critical Patch Update Advisory - January 2016)

Summary MySQL Client/Connector and Server are shipped as a component of Tivoli Network Manager IP Edition. Information about a security vulnerability affecting MySQL Server has been published. Vulnerability Details Please consult the Oracle Critical Patch Update Advisory - January 2016 for...

Security Bulletin: A security vulnerability has been identified in MySQL shipped with Tivoli Network Manager IP Edition (Oracle Critical Patch Update Advisory - October 2015)

Summary MySQL Server is shipped as a component of Tivoli Network Manager IP Edition. Information about a security vulnerability affecting MySQL Server has been published in a security bulletin Vulnerability Details Please consult the security bulletin for vulnerability details and information abo...

Security Bulletin: Multiple vulnerabilities in the IBM SDK Java Technology Edition component of IBM MessageSight 1.0-1.1 (CVE-2014-0878, CVE-2014-0460 & CVE-2014-0453)

Summary There are multiple security vulnerabilities in the IBM SDK Java™ Technology Edition Version 7 component used in IBM MessageSight 1.0-1.1 as disclosed in the Oracle April 2014 Critical Patch Update, plus 1 additional vulnerability Vulnerability Details Vendor | Vendor ID| Vendor Title|...

Security Bulletin:A security vulnerability has been identified in MySQL Server shipped with Tivoli Network Manager IP Edition (Oracle Critical Patch Update Advisory - July 2015)

Summary MySQL Server is shipped as a component of Tivoli Network Manager IP Edition. Information about a security vulnerability affecting MySQL Server has been published in a security bulletin Vulnerability Details Please consult the security bulletin...

Security Bulletin: Security vulnerabilities have been identified in Oracle MySQL shipped with IBM Tivoli Network Manager IP Edition (Oracle Advisory - April 2015)

Summary Oracle MySQL is shipped as a component of IBM Tivoli Network Manager IP Edition. Information regarding security vulnerabilities affecting Oracle MySQL has been published. http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html Vulnerability Details Tivoli Network Manager...

Security Bulletin: IBM Tivoli Composite Application Manager for Transactions affected by multiple vulnerabilities in IBM JRE (Multiple CVEs)

Summary IBM Tivoli Composite Application Manager for Transactions is shipped with two IBM JREs that are based on Oracle Java. It is also dependent on ITM 6.2.1 Framework, which also has it own JRE. Oracle has released a January 2014 Critical Patch Update CPU that contains security vulnerability...

Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM® SDK, Java™ Technology Edition

Summary IBM Tivoli Monitoring clients affected by vulnerabilities in IBM® SDK, Java™ Technology Edition, disclosed in the Oracle January 2014 Critical Patch Update. Vulnerability Details CVE IDs: CVE-2014-0428 CVE-2014-0422 CVE-2013-5907 CVE-2014-0415 CVE-2014-0410 CVE-2013-5889 CVE-2014-0417...

Potential Security Vulnerabilities With JavaTM SDKs

Abstract Security Bulletin: Asset and Service Mgmt Products - Potential security exposure when using JavaTM based applications due to vulnerabilities in Java Software Developer Kits. See Vulnerability Details for CVE IDs. Content VULNERABILITY DETAILS: CVE ID:...

Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ Technology Edition Version 7, 8 and IBM® Runtime Environment Java™ Version 7, 8 shipped with IBM FileNet Content Manager and IBM Content Foundation

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition Version 7, 8 and IBM® Runtime Environment Java™ Version 7, 8 which is shipped with IBM FileNet Content Manager and IBM Content Foundation. These issues were disclosed as part of the IBM Java SDK updates in July 2017...

Security Bulletin: Multiple vulnerabilities may affect Oracle Outside In Technology (OIT) Version 8.5.2 in IBM FileNet Content Manager, and IBM Content Foundation

Summary Security Bulletin: Multiple vulnerabilities may affect Oracle Outside In Technology OIT Version 8.5.2 in IBM FileNet Content Manager, and IBM Content Foundation. Oracle OIT issues disclosed in the Oracle January 2017 Critical Patch Update. Vulnerability Details Advisory CVEs: CVE-2017-326...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK Java™ Technology Edition Version 6, 7, and IBM® Runtime Environment Java™ Version 6, 7 in IBM FileNet Content Manager, and IBM Content Foundation

Summary Multiple vulnerabilities may affect IBM® SDK Java™ Technology Edition Version 6, 7, and IBM® Runtime Environment Java™ Version 6, 7 in IBM FileNet Content Manager, and IBM Content Foundation. Resolved by using the IBM Runtime Environment Java October 2016 Critical Patch Update...

Security Bulletin: Four vulnerabilities exist in IBM FileNet Content Manager and IBM Content Foundation (CVE-2015-4809, CVE-2015-4811, CVE-2015-4877, CVE-2015-4878)

Summary There are four security vulnerabilities in the Oracle Outside In Technology OIT software used in the IBM FileNet Content Manager and IBM Content Foundation products. See the individual descriptions below for details. These issues are addressed in the OIT October 2015 Critical Patch Update...