CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2020/07/22 12:35 p.m.•1 views

OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

5.8CVSS7.3AI score0.00576EPSS

RedHat Linux•added 2020/07/22 12:35 p.m.•2 views

OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to...

4.3CVSS6.7AI score0.00283EPSS

RedHat Linux•added 2020/07/16 4:38 p.m.•0 views

OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

7.4CVSS7.4AI score0.00409EPSS

RedHat Linux•added 2020/07/16 4:38 p.m.•1 views

OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117)

5.8CVSS7.3AI score0.00576EPSS

RedHat Linux•added 2020/07/16 10:13 a.m.•4 views

OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)

4.3CVSS6.7AI score0.00283EPSS

RedHat Linux•added 2020/07/16 10:13 a.m.•2 views

OpenJDK: Unexpected exception raised by DerInputStream (Libraries, 8237731)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols ...

4.3CVSS6.7AI score0.00158EPSS

RedHat Linux•added 2020/07/16 10:13 a.m.•4 views

OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

8.3CVSS7.4AI score0.01018EPSS

RedHat Linux•added 2020/07/16 10:13 a.m.•4 views

OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119)

7.4CVSS7.4AI score0.00409EPSS

RedHat Linux•added 2020/07/16 9:59 a.m.•0 views

OpenJDK: Unexpected exception raised by DerValue.equals() (Libraries, 8237736)

4.3CVSS6.7AI score0.00158EPSS

RedHat Linux•added 2020/07/16 9:59 a.m.•4 views

OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119)

7.4CVSS7.4AI score0.00409EPSS

RedHat Linux•added 2020/07/16 9:40 a.m.•1 views

OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)

4.3CVSS6.7AI score0.00283EPSS

RedHat Linux•added 2020/07/16 9:40 a.m.•1 views

OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920)

8.3CVSS7.4AI score0.01018EPSS

RedHat Linux•added 2020/07/16 8:54 a.m.•1 views

OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

5.3CVSS7.1AI score0.00474EPSS

RedHat Linux•added 2020/07/16 8:54 a.m.•2 views

OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117)

5.8CVSS7.3AI score0.00576EPSS

8.3CVSS7.5AI score0.01068EPSS

DEBIAN-CVE-2020-14664

Vulnerability in the Java SE product of Oracle Java SE component: JavaFX. The supported version that is affected is Java SE: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human...

OSV•added 2020/07/15 6:15 p.m.•1 views

DEBIAN-CVE-2020-14621

5.3CVSS5.8AI score0.00474EPSS

7.4CVSS6.3AI score0.00409EPSS

DEBIAN-CVE-2020-14593

3.7CVSS5.8AI score0.00385EPSS

DEBIAN-CVE-2020-14581

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocol...

3.7CVSS5.9AI score0.00405EPSS

DEBIAN-CVE-2020-14573

Vulnerability in the Java SE product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks o...