OpenJDK: insufficient access control checks in ServiceRegistry (ImageIO, 8172461)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: ImageIO. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

OpenJDK: JAR verifier incorrect handling of missing digest (Security, 8169392)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successfu...

OpenJDK: incorrect range checks in LambdaFormEditor (Libraries, 8184185)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. The supported version that is affected is Java SE: 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...

OpenJDK: unrestricted access to com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix

The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 6.0.16.25, 6 R1 before SR8 FP25 6.1.8.25, 7 before SR9 FP40 7.0.9.40, 7 R1 before SR3 FP40 7.1.3.40, and 8 before SR3 8.0.3.0 uses the invoke method of the java.lang.reflect.Method class in an...

OpenJDK: incomplete XML parse tree size enforcement (JAXP, 8169011)

It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML document. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory...

JDK: unspecified vulnerability fixed in 7u111 and 8u101 (Deployment)

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment...

Vulnerability of the Java Platform software platform, which allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability in the Java SE software platform’s Java SE and OpenJDK allows a malicious actor, operating remotely, to compromise the confidentiality, integrity, and accessibility of data by using subcomponents called Libraries...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit application development tool relates to subcomponents of the program. Exploiting this vulnerability allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of data, by utilizing the 2D subcomponent...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit application development tool, related to its subcomponents. Exploiting this vulnerability allows a malicious attacker to compromise data confidentiality and integrity by using the subcomponent Deployment...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit application development tool relates to the subcomponents of the program. Exploiting this vulnerability allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of data by using the AWT subcomponent...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit, related to the subcomponents of the program. Exploiting this vulnerability allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of data, by using the JAXP subcomponent...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit application development tool relates to subcomponents of the program. Exploiting this vulnerability allows a malicious attacker to compromise data confidentiality and integrity by using the Deployment subcomponent...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit, related to the subcomponents of the program. Exploiting this vulnerability allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of data, by using the Hotspot subcomponent...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit application development tool relates to subcomponents of the program. Exploiting this vulnerability allows a malicious attacker to compromise data confidentiality and integrity by using the Deployment subcomponent...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit application development tool relates to subcomponents of the program. Exploiting this vulnerability allows a malicious attacker to compromise data confidentiality and integrity by utilizing the Security subcomponent...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit, related to the subcomponents of the program. Exploiting this vulnerability allows a malicious attacker to manipulate data accessibility by using the JavaFX subcomponent...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit application development tool relates to JavaFX subcomponents. Exploiting this vulnerability allows a malicious attacker to manipulate data accessibility by using JavaFX subcomponents...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit, related to the program’s subcomponents. Exploiting this vulnerability allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of data, by using the JNDI subcomponent...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit application development tool relates to subcomponents of the program. Exploiting this vulnerability allows a malicious attacker to compromise data confidentiality and integrity by using the Deployment subcomponent...