14 matches found
Security Bulletin: Vulnerabilities in Pivota Spring Framework, VMware Tanzu Spring Framework, VMware Spring Framework might affect IBM Storage Defender Copy Data Management.
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Pivota Spring Framework, VMware Tanzu Spring Framework, VMware Spring Framework. Vulnerabilities include an attacker and remote attacker could exploit these vulnerabilities to execute arbitrary code on the...
RHEL 7 : ibm_jdk (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - IBM JDK: unsafe deserialization flaw in the Object Request Broker ORB CVE-2022-40609 - IBM JDK: Object...
Security Bulletin: VMware Tanzu Spring Framework is vulnerable to multiple security CVEs used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses VMWare Tanzu Spring Framework which is vulnerable to multiple security CVEs. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-22262 DESCRIPTION: VMware Tanzu Spring Framewo...
Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects IBM® Db2® (CVE-2022-40609)
Summary There was a vulnerability in IBM® Runtime Environment Java™ Version 7.1.5.18 and earlier, 8.0.8.4 and earlier used by IBM® Db2®. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary...
Security Bulletin: IBM SDK, Java Technology Edition, Security Update August 2023
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that is used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates up to August 2023. IBM 8 SR8 FP5 1.8.0371. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IB...
Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to arbitrary code execution due to an unsafe deserialization flaw (CVE-2022-40609).
Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to an attacker executing arbitrary code due to an unsafe deserialization flaw as described in the vulnerability details section. The vulnerability is fixed by applying an IBM i Group PTF for...
Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester
Summary There is vulnerability in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java...
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in XStream
Summary Multiple vulnerabilities in XStream that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2021-39145 DESCRIPTION: XStream could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization...
Fix of CVE: CVE-2022-23307, CVE-2022-23302
CVE-2022-23307: Fix Unsafe deserialization flaw in Chainsaw log viewer - CVE-2022-23302: Fix remote code execution when application is configured to use JMSSink...
Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.10 security update
A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 7 / 8 : Red Hat JBoss Enterprise Application Platform 7.4 (RHSA-2022:0436)
The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0436 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
Important: Red Hat Security Advisory: parfait:0.5 security update
An update for the parfait:0.5 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: parfait:0.5 security update
Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot PCP using the Memory Mapped Value MMV machinery for...
Security Bulletin: Vulnerabilities in XStream affect IBM Spectrum Protect Plus
Summary Multiple vulnerabilities in XStream, such as execution of arbitrary code, denial of service, and server-side request forgery, may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2021-39146 DESCRIPTION: XStream could allow a remote authenticated attacker to execute...