Security Bulletin: Vulnerability in IBM Java Runtime Environment affects installation and uninstallation of IBM Spectrum Protect for Enterprise Resource Planning on AIX and Linux (CVE-2020-27221)

Summary A vulnerability in IBM Java Runtime Environment may affect the installation and uninstallation of IBM Spectrum Protect for Enterprise Resource Planning ERP on AIX and Linux. This issue was disclosed as part of the IBM Java SDK updates in January 2021. UPDATED: 18 March 2021 - Corrected...

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition may affect IBM Content Collector for SAP Applications

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM Content Collector for SAP Applications. These issues disclosed in the Oracle January 2021 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-14803 DESCRIPTION: An unspecified vulnerabilit...

CVE-2021-25667

A vulnerability has been identified in RUGGEDCOM RM1224 All versions = V4.3 and = V4.3 and = V4.3 and = V2.0 and V2.1.3, SCALANCE XB-200 All versions V4.1, SCALANCE XC-200 All versions V4.1, SCALANCE XF-200BA All versions V4.1, SCALANCE XM400 All versions V6.2, SCALANCE XP-200 All versions V4.1,...

CVE-2021-25667

A vulnerability has been identified in RUGGEDCOM RM1224 All versions = V4.3 and = V4.3 and = V4.3 and = V2.0 and V2.1.3, SCALANCE XB-200 All versions V4.1, SCALANCE XC-200 All versions V4.1, SCALANCE XF-200BA All versions V4.1, SCALANCE XM400 All versions V6.2, SCALANCE XP-200 All versions V4.1,...

Schneider Electric IGSS CGF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

EulerOS Virtualization 2.9.0 : glibc (EulerOS-SA-2021-1643)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The iconv function in the GNU C Library aka glibc or libc6 2.30 to 2.32, when converting UCS4 text containing an irreversible...

EulerOS Virtualization 2.9.1 : glibc (EulerOS-SA-2021-1600)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on...

NewStart CGSL MAIN 6.02 : glibc Multiple Vulnerabilities (NS-SA-2021-0053)

The remote NewStart CGSL host, running version MAIN 6.02, has glibc packages installed that are affected by multiple vulnerabilities: - The idnatoascii4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via 6...

NewStart CGSL MAIN 4.06 : sudo Multiple Vulnerabilities (NS-SA-2021-0001)

The remote NewStart CGSL host, running version MAIN 4.06, has sudo packages installed that are affected by multiple vulnerabilities: - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a...

Adobe Bridge 10.x < 10.0.4 Multiple Vulnerabilities (APSB20-19)

The version of Adobe Bridge installed on the remote macOS or Mac OS X host is prior to 10.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb20-19 advisory. - Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful...

Adobe Bridge 10.x < 10.0.4 Multiple Vulnerabilities (APSB20-19)

The version of Adobe Bridge installed on the remote Windows host is prior to 10.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb20-19 advisory. - Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitatio...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager Jan 2021 CPU (CVE-2020-27221)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in Jan 2021. Vulnerability Details CVEID: CVE-2020-27221 DESCRIPTION: Eclipse OpenJ9 is vulnerabl...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects WebSphere Application Server January 2021 CPU that is bundled with IBM WebSphere Application Server Patterns

Summary There are multiple vulnerabilities in the IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM Java SDK updates in January 2021. Vulnerability Details CVEID: CVE-2020-14803 DESCRIPTION: An unspecified vulnerability i...

RHEL 8 : java-1.8.0-ibm (RHSA-2021:0736)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0736 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

Critical: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Critical: Red Hat Security Advisory: java-1.7.1-ibm security update

An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

EulerOS Virtualization for ARM 64 3.0.6.0 : glibc (EulerOS-SA-2021-1537)

According to the versions of the glibc packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. If an attacker provides the iconv function with invalid multi-byte input sequences in IBM136...

RHEL 7 : java-1.7.1-ibm (RHSA-2021:0733)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0733 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

SUSE SLES12 Security Update : grub2 (SUSE-SU-2021:0682-1)

This update for grub2 fixes the following issues : grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. bsc1182057 Following security issues are fixed that can violate secure boot constraints : CVE-2020-25632: Fixed a use-after-free in rmmod command bsc1176711...

D-Link DAP-2020 <= 1.01 Multiple Vulnerabilities - Active Check

D-Link DAP-2020 devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX = "cpe:/o:dlink"; if...