Lucene search
K

91 matches found

BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the Jrockit software platform allows a malicious individual to compromise data confidentiality and integrity.

The vulnerability of the Jrockit platform, related to its subcomponents. Exploiting this vulnerability allows an unauthorized attacker to compromise data confidentiality and integrity by using the JNDI subcomponent...

5.8CVSS7.1AI score0.0435EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.8 views

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit, related to the program’s subcomponents. Exploiting this vulnerability allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of data, by using the JNDI subcomponent...

10CVSS6.2AI score0.06051EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2015/07/22 7:56 p.m.5 views

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

4.3CVSS6.7AI score0.03316EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/07/17 8:4 a.m.4 views

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

4.3CVSS6.7AI score0.03316EPSS
Exploits0References5
CNVD
CNVD
added 2015/07/17 12:0 a.m.3 views

Oracle Java SE/Jrockit/Java SE Embedded Denial of Service Vulnerability

Oracle Java SE, JRockit, and Java SE Embedded are products of Oracle Corporation. Java SE Java Platform Standard Edition is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments; JRockit is a Java virtualization machine built into Orac...

4.3CVSS6.8AI score0.03316EPSS
Exploits0References1
OSV
OSV
added 2015/07/16 12:0 a.m.3 views

UBUNTU-CVE-2015-4749

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI...

4.3CVSS6.2AI score0.03316EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2014/05/15 5:28 p.m.7 views

OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI...

5.8CVSS6.8AI score0.0435EPSS
Exploits0References5
OSV
OSV
added 2014/04/23 4:13 p.m.22 views

MGASA-2014-0189 Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities

Updated java-1.7.0-openjdk packages fix security vulnerabilities: An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application...

10CVSS7.7AI score0.07571EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/04/17 11:30 a.m.7 views

OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI...

5.8CVSS6.8AI score0.0435EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/04/17 11:30 a.m.3 views

OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commente...

10CVSS6.4AI score0.06051EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/04/16 11:34 a.m.4 views

OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI...

5.8CVSS7.1AI score0.0435EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/04/16 11:24 a.m.6 views

OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI...

5.8CVSS7.1AI score0.0435EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/04/16 11:23 a.m.4 views

OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI...

5.8CVSS7.1AI score0.0435EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/02/04 7:34 p.m.5 views

OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commente...

10CVSS6.4AI score0.06051EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/11/07 4:47 p.m.5 views

OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI...

10CVSS6.8AI score0.06295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/10/22 5:13 p.m.4 views

OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI...

10CVSS6.8AI score0.06295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/10/17 5:31 p.m.2 views

OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI...

10CVSS6.8AI score0.06295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/07/31 2:24 p.m.5 views

JNDI: unauthenticated remote write access is permitted by default

The 1 JNDI service, 2 HA-JNDI service, and 3 HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly...

7.5CVSS5.9AI score0.03521EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/07/23 5:47 p.m.6 views

JNDI: unauthenticated remote write access is permitted by default

The 1 JNDI service, 2 HA-JNDI service, and 3 HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly...

7.5CVSS5.9AI score0.03521EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/06/22 1:12 a.m.11 views

Important: Red Hat Security Advisory: JBoss Enterprise BRMS Platform 5.3.0 update

JBoss Enterprise BRMS Platform 5.3.0, which fixes multiple security issues, various bugs, and adds enhancements is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS...

7.5CVSS6.3AI score0.03521EPSS
Exploits6References6
Rows per page
Query Builder