1357 matches found
Oracle Java SE and Java SE Embedded Access Control Error Vulnerability (CNVD-2019-26752)
Oracle Java SE and Oracle Java SE Embedded are both products of Oracle Corporation.Oracle Java SE is a Java platform for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle Java SE Embedded is a Java platform that targets Java...
OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
Important: java-11-amazon-corretto
Issue Overview: Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...
OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
Amazon Linux 2 : java-1.7.0-openjdk (ALAS-2019-1209)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...
Privilege Escalation
Oracle Java SE is vulnerable to privilege escalation vulnerability. The vulnerability exists in the Java SE, Java SE Embedded component of Oracle Java SE due to an unknown code block of the component Hotspot. An unauthenticated attacker with network access via multiple protocols could compromise...
Denial Of Service (DoS)
Oracle Java SE is vulnerable to denial of service DoS attacks. The vulnerability exists in an unknown functionality of the component Security. An unauthenticated attacker with network access via multiple protocols could compromise Java SE, Java SE Embedded, JRockit causing a system crash...
Information Disclosure
Oracle Java SE is vulnerable to information disclosure attacks. This is because the JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. A local attacker could possibly use thi...
OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
Denial Of Service (DoS)
Java SE, Java SE Embedded and JRockit are vulnerable to denial of service attacks. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed Networking component causing partial denial of service conditions...
Sandbox Restrictions Bypass
Java SE and Java SE Embedded are vulnerable to sandbox restrictions bypass. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed Hotspot component to gain elevated privileges. Successful attacks could result in takeover of Java SE and Java SE...
Sandbox Restrictions Bypass
Java SE, Java SE Embedded and JRockit are vulnerable to sandbox restrictions bypass. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed RMI component to gain elevated privileges. Successful attacks of this vulnerability can result in...
Denial Of Service (DoS)
Java SE and Java SE Embedded are vulnerable to denial of service attacks. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed JAXP component causing partial denial of service conditions...
Sandbox Restrictions Bypass
Java SE and Java SE Embedded are vulnerable to sandbox restrictions bypass. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed RMI component to gain elevated privileges. Successful attacks could result in takeover of Java SE and Java SE...
Denial Of Service (DoS)
Java SE, Java SE Embedded and JRockit are vulnerable to denial of service attacks. A remote, unauthenticated attacker could exploit the flawed JAX-WS component to partially access data and cause partial denial of service conditions...
Privilege Escalation
Java SE, Java SE Embedded and JRockit are vulnerable to privilege escalation attacks. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed Security component to gain elevated privileges. Successful attacks could result in unauthorized access to...
Denial Of Service
Java SE and Java SE Embedded are vulnerable to denial of serviceDoS attacks. A remote user can exploit a flaw in the Serialization component to cause application crash resulting in partial denial of service conditions...