Security Bulletin: Vulnerability in IBM WebSphere Liberty Profile affects IBM InfoSphere Identity Insight (CVE-2022-22475 and CVE-2022-22476)

Summary The IBM WebSphere Liberty Profile used in IBM InfoSphere Identity Insight is vulnerable to identity spoofing by an authenticated user. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions...

Security Bulletin: A security vulnerability has been identified in IBM Java SDK shipped with IBM InfoSphere Optim Performance Manager (CVE-2015-4872)

Summary IBM Java SKD is shipped as a component of IBM InfoSphere Optim Performance Manager. Information about a security vulnerability affecting IBM Java SDK has been published in a security bulletin. Vulnerability Details CVEID: CVE-2015-4872 DESCRIPTION: An unspecified vulnerability in Oracle...

Security Bulletin: Upward Integration Module for HP Openview Operations for Windows is affected by multiple vulnerabilities in IBM Java SDK

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition that is shipped with Upward Integration Module for HP Openview Operations for Windows. These issues were disclosed as part of the Java Technology Edition Quarterly CPU - January 2015. Vulnerability Details Abstract Ther...

Security Bulletin: Vulnerability in SSLv3 affects IBM Systems Director (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Systems Director. Vulnerability Details Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgrade...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK 7 affect IBM Systems Director.

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 that is used by IBM Systems Director. These issues were disclosed as part of the IBM Java SDK updates in July 2017. Vulnerability Details CVEID: CVE-2017-10115 DESCRIPTION: An unspecified vulnerability in...

Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ Technology Edition affect Data Studio, InfoSphere Data Architect, Optim Query Workload Tuner for Linux, UNIX and Windows, and Optim Query Workload Tuner for z/OS (CVE-2016-0466, CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM Data Studio, InfoSphere Data Architect, Optim Query Workload Tuner for Linux, UNIX and Windows, and Optim Query Workload Tuner for z/OS. These issues were disclosed as part of the IBM Java SDK...

Security Bulletin: A security vulnerability has been identified in IBM Java SDK shipped with IBM Data Studio, InfoSphere Data Architect, Optim Query Workload Tuner for Linux, UNIX and Windows, and Optim Query Workload Tuner for z/OS (CVE-2015-4872)

Summary IBM Java SDK is shipped as a component of IBM Data Studio, InfoSphere Data Architect, InfoSphere Optim Query Workload Tuner for Linux, UNIX and Windows, and InfoSphere Optim Query Workload Tuner for z/OS. Information about a security vulnerability affecting IBM Java SDK has been published...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Data Studio Web Console. (CVE-2014-6593, CVE-2015-0410)

Summary There are multiple vulnerabilities in IBMｮ Runtime Environments JavaTechnology Edition, Version 5, 6 and 7 that is used by IBM Data Studio Web Console DSWC. These issues were disclosed as part of the IBM Java SDK updates in January 2015. Vulnerability Details CVE-ID: CVE-2014-6593...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect various Optim data server tools desktop products (CVE-2014-6558, CVE-2014-3068)

Summary There are multiple vulnerabilities in IBM SDK Java™ Technology Edition, Versions 7 Service Refresh 7 Fix Pack 1, 7R1 Service Refresh 1 Fix Pack 1, 6 Service Refresh 16 Fix Pack 1, and earlier releases that are used by various Optim data server tools desktop products. These issues were...

openSUSE Security Update : fossil (openSUSE-2017-1365)

This update for fossil to version 2.4 fixes the following issues : - CVE-2017-17459: Client-side code execution via crafted 'ssh://' URLs bsc1071709 The impact of this vulnerability is more limited than similar vectors fixed in other SCMs, as there is no known way to mask the repository URL or...