925 matches found
Authorization Bypass
java-1.8.0-openjdk is vulnerable to authorization bypass attacks. The vulnerability exists as a vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161...
Authorization Bypass
java-1.8.0-openjdk is vulnerable to authorization bypass attacks. The vulnerability exists as a vulnerability in the Java SE component of Oracle Java SE subcomponent: Smart Card IO. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability...
CVE-2018-3183
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Scripting. Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network...
Design/Logic Flaw
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
CVE-2018-3214
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Sound. Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2018-3136
CVE-2018-3136 affects Oracle Java SE/Embedded Security component (and related features) with Java SE 6u201, 7u191, 8u182, 11 and Java SE Embedded 8u181 (AIX/others show broader OpenJDK/OpenJDK updates). The vulnerability allows unauthenticated network access to compromise Java SE/Embedded Securit...
CVE-2018-3209
Vulnerability in the Java SE component of Oracle Java SE subcomponent: JavaFX. The supported version that is affected is Java SE: 8u182. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require...
CVE-2018-3136
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
CVE-2018-3169
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2018-1054)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this...
Security Bulletin: Rational Host On-Demand clients affected by vulnerabilities in IBM JRE
Summary IBM Rational Host On-Demand provides a Java JRE as part of its server package for clients to download and install on client machines. The vulnerabilities are only applicable to client-side Java deployments where untrusted code may be executed such as Java applets running in a web browser...
CVE-2018-2973
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
CVE-2018-2964
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
CVE-2018-2942
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Windows DLL. Supported versions that are affected are Java SE: 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
CVE-2018-2972
CVE-2018-2972 affects Java SE/OpenJDK 10.x (examples cited in SUSE/openSUSE advisories) where the security sub-component had a difficult-to-exploit vulnerability that could allow network-based compromise of Java SE, potentially exposing or yielding access to data. The connected advisories indicat...
CVE-2018-2938
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Java DB. Supported versions that are affected are Java SE: 6u191, 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. While the...
CVE-2018-2941
Vulnerability in the Java SE component of Oracle Java SE subcomponent: JavaFX. Supported versions that are affected are Java SE: 7u181, 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
CVE-2018-2952
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated...
CVE-2018-2942
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Windows DLL. Supported versions that are affected are Java SE: 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
Design/Logic Flaw
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...