CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2018/10/17 9:26 p.m.•3 views

OpenJDK: Improper field access checks (Hotspot, 8199226)

8.3CVSS7.4AI score0.006EPSS

RedHat Linux•added 2018/04/30 4:21 p.m.•3 views

OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...

5.3CVSS7.3AI score0.00293EPSS

RedHat Linux•added 2018/04/23 5:15 p.m.•4 views

JDK: unspecified vulnerability fixed in 8u171 and 10.0.1 (Install)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Install. Supported versions that are affected are Java SE: 8u162 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE...

7.7CVSS5.8AI score0.00161EPSS

RedHat Linux•added 2018/04/23 5:15 p.m.•3 views

OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981)

5.3CVSS7.3AI score0.00293EPSS

CNVD•added 2018/03/15 12:0 a.m.•1 views

Unspecified Vulnerability in inversoft prime-jwt

inversoft prime-jwt is an open source Java 8-based JWT library . A security vulnerability exists in JWTDecoder.decode in versions prior to inversoft prime-jwt 1.3.0 and commit 0d94dcef0133d699f21d217e922564adbb83a227. No details of the vulnerability are provided at this time...

9.8CVSS6.9AI score0.00411EPSS

Exploits0References1

RedHat Linux•added 2018/02/26 9:37 p.m.•2 views

JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges

Under certain circumstances, a flaw in the J9 JVM IBM SDK, Java Technology Edition 7.1 and 8.0 allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823...

8.1CVSS5.9AI score0.01417EPSS

RedHat Linux•added 2018/01/22 8:40 p.m.•1 views

OpenJDK: GTK library loading use-after-free (AWT, 8185325)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

6.1CVSS7.4AI score0.00162EPSS

RedHat Linux•added 2018/01/18 9:55 p.m.•3 views

JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

8.3CVSS7.4AI score0.00631EPSS

OSV•added 2018/01/17 12:0 a.m.•1 views

UBUNTU-CVE-2018-2634

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JGSS. Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

6.8CVSS6.7AI score0.00169EPSS

RedHat Linux•added 2017/12/06 1:42 p.m.•4 views

OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multip...

RedHat Linux•added 2017/10/24 12:14 p.m.•3 views

OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAX-WS. Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...

RedHat Linux•added 2017/10/24 12:14 p.m.•3 views

OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)

Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

RedHat Linux•added 2017/10/23 7:44 a.m.•4 views

OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)

RedHat Linux•added 2017/10/20 11:31 a.m.•1 views

OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)

Broadcom•added 2017/08/25 12:0 a.m.•5 views

BSA-2017-421

Security Advisory ID : BSA-2017-421 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JCE. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14...

5.9CVSS7.5AI score0.00189EPSS

Exploits0

RedHat Linux•added 2017/08/23 9:17 a.m.•3 views

OpenJDK: JAR verifier incorrect handling of missing digest (Security, 8169392)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successfu...

7.5CVSS7.4AI score0.00497EPSS

RedHat Linux•added 2017/08/15 7:58 p.m.•1 views

OpenJDK: insufficient access control checks in AsynchronousChannelGroupImpl (8172465, Libraries)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...

9.6CVSS7.4AI score0.00259EPSS

RedHat Linux•added 2017/08/14 9:48 a.m.•1 views

OpenJDK: unbounded memory allocation in CodeSource deserialization (Serialization, 8174113)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker...

5.3CVSS7.4AI score0.005EPSS