11 matches found
CVE-2024-27267
CVE-2024-27267 affects IBM SDK Java Technology Edition 7.1.x (7.1.0.0–7.1.5.18) and 8.0.x (8.0.0.0–8.0.8.26). The issue is a race condition in ORB listener thread management that can enable remote denial of service. Concrete details across IBM advisories show the vulnerability and link to mitigat...
CVE-2015-1931
CVE-2015-1931 affects IBM Java Security Components in IBM SDK, Java Technology Edition across multiple IBM Java releases. The issue arises from storing plaintext data in memory dumps, enabling local users to read sensitive information from memory dumps. Related IBM advisories (e.g., IBM Security ...
CVE-2014-8891
CVE-2014-8891 affects IBM SDK, Java Technology Edition (IBM JRE) under multiple releases: 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10. The vulnerability allows remote attackers to escape the Java sandbox and execute arbitrary code through...
CVE-2015-5006
CVE-2015-5006 affects IBM SDK/Java Technology Edition (IBM Java Security Components) on multiple versions (8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, 6 before SR16 FP15). The root cause is exposure of Kerberos Credential Cache data, enabling physically proximate ...
CVE-2016-0363
CVE-2016-0363 affects IBM SDK, Java Technology Edition prior to specific SR updates: 6.0.16.25 (SR16 FP25) for 6.x, 6 R1 before SR8 FP25, 7 before SR9 FP40, 7 R1 before SR3 FP40, and 8 before SR3 (6.0.3.0–? not fully listed). The vulnerability arises when the invoke method of java.lang.reflect.Me...
CVE-2016-0376
Technical details about CVE-2016-0376 are not publicly available in the provided connected documents. No affected products, versions, root cause, or remediation details are disclosed here; monitor for updates.
CVE-2016-0264
CVE-2016-0264 is a buffer overflow in IBM Runtime Environment Java (IBM SDK, Java Technology Edition) that allows remote code execution under certain conditions. Affected IBM JRE/JVM versions include IBM SDK 6 (pre SR16 FP25), 6 R1 (pre SR8 FP25), 7 (pre SR9 FP40) and 7 R1 (pre SR3 FP40), and 8 (...
CVE-2018-1417
CVE-2018-1417 : A flaw in the IBM J9 VM within IBM SDK Java Technology Edition 7.1 and 8.0 can allow untrusted code running under a security manager to elevate privileges. IBM X-Force ID: 138823. CVSSv3 base score 8.1 (HIGH) with network attack vector, no authentication, and all impact metrics at...
CVE-2014-0878
CVE-2014-0878 affects IBMJCE/IBMSecureRandom in IBM SDK Java Technology Edition (various service refresh levels: 5.0 SR16 FP6 and earlier; 6 SR16 and earlier; 6.0.1 SR8; 7 SR7; 7R1 SR1). The vulnerability allows context-dependent attackers to predict the RNG output, undermining cryptographic prot...
CVE-2015-5041
CVE-2015-5041 : IBM J9 JVM flaw in IBM SDK, Java Technology Edition allows remote attackers to invoke non-public interface methods, potentially exposing sensitive data or allowing data injection. Affected IBM Java versions: 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 bef...
CVE-2014-8892
CVE-2014-8892 affects IBM SDK/JVM used by Tivoli Storage Productivity Center (IBM Java Technology Edition). The IBM security bulletin describes the vulnerability as a bypass of permission checks under a security manager, potentially allowing untrusted code to view sensitive information. Remediati...