CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

293 matches found

RedHat Linux•added 2017/08/07 3:5 p.m.•2 views

OpenJDK: unbounded memory allocation in CodeSource deserialization (Serialization, 8174113)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker...

5.3CVSS7.4AI score0.005EPSS

Exploits0References4

RedHat Linux•added 2017/08/07 3:5 p.m.•2 views

OpenJDK: unrestricted access to com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.00247EPSS

Exploits0References4

RedHat Linux•added 2017/07/20 3:59 p.m.•2 views

OpenJDK: insufficient access control checks in ImageWatched (AWT, 8174098)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attac...

9.6CVSS7.4AI score0.00247EPSS

Exploits0References4

RedHat Linux•added 2017/05/09 4:41 p.m.•3 views

OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...

6.5CVSS7.4AI score0.00527EPSS

Exploits0References4

CNVD•added 2017/05/02 12:0 a.m.•1 views

Oracle Java SE/JRockit Remote Security Vulnerability (CNVD-2017-07164)

Java SE is short for Java Platform Standard Edition, based on the JDK and JRE, for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. Oracle Java SE: 7u131, 8u121; Java SE Embedded: 8u121 has a remote security vulnerability in its...

3.1CVSS8.4AI score0.00307EPSS

Exploits0References1

RedHat Linux•added 2017/02/28 8:19 a.m.•3 views

OpenJDK: insecure class construction (Hotspot, 8167104)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...

9.6CVSS7.4AI score0.00645EPSS

Exploits1References4

RedHat Linux•added 2017/02/28 8:19 a.m.•3 views

OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)

6.5CVSS7.4AI score0.00527EPSS

Exploits0References4

RedHat Linux•added 2017/02/13 11:17 a.m.•4 views

OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.01126EPSS

Exploits1References4

RedHat Linux•added 2017/02/13 11:17 a.m.•4 views

OpenJDK: insecure class construction (Hotspot, 8167104)

9.6CVSS7.4AI score0.00645EPSS

Exploits1References4

OSV•added 2017/01/27 10:59 p.m.•2 views

CVE-2017-3260

Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks...

8.3CVSS7.2AI score

Exploits0References7

CNVD•added 2017/01/20 12:0 a.m.•2 views

Oracle Java SE and JRockit Remote Security Vulnerability (CNVD-2017-00933)

Oracle Java SE and JRockit are both products of Oracle Corporation. Java SE Java Platform Standard Edition is used for developing and deploying Java applications on desktops, servers, and embedded devices and real-time environments; JRockit is a Java virtual machine built into Oracle Fusion...

7.5CVSS9.1AI score0.01827EPSS

Exploits0References1

RedHat Linux•added 2016/11/02 11:5 a.m.•2 views

JDK: unspecified vulnerability fixed in 6u131, 7u121, and 8u111 (2D)

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D...

9.6CVSS7.4AI score0.03921EPSS

Exploits0References5

RedHat Linux•added 2016/07/21 10:19 a.m.•3 views

OpenJDK: insufficient bytecode verification (Hotspot, 8155981)

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot...

9.6CVSS7.4AI score0.03532EPSS

Exploits0References5

RedHat Linux•added 2016/07/21 10:19 a.m.•2 views

JDK: unspecified vulnerability fixed in 7u111 and 8u101 (JavaFX)

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remote attackers to affect availability via vectors related to JavaFX...

5.3CVSS7.4AI score0.05585EPSS

Exploits0References5

OSV•added 2016/07/21 10:14 a.m.•3 views

CVE-2016-3606

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot...

9.6CVSS5.6AI score

Exploits0References24

RedHat Linux•added 2016/07/18 1:51 p.m.•3 views

OpenJDK: incorrect String object deserialization in IIOPInputStream (CORBA, 8076387)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA...

5CVSS7.3AI score0.058EPSS

Exploits0References5

OSV•added 2016/04/21 12:0 a.m.•0 views

UBUNTU-CVE-2016-3425

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP...

4.3CVSS6.7AI score0.07544EPSS

Exploits0References6

RedHat Linux•added 2016/01/21 11:54 a.m.•3 views

OpenJDK: URL deserialization inconsistencies (Networking, 8059054)

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking...

5CVSS7.2AI score0.01379EPSS

Exploits0References5

RedHat Linux•added 2015/11/23 12:56 p.m.•2 views

OpenJDK: leak of user.dir location (JAXP, 8078427)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP...

5CVSS7.3AI score0.02698EPSS

Exploits0References5

RedHat Linux•added 2015/11/23 12:40 p.m.•2 views

OpenJDK: OOB access in CMS code (2D, 8086092)

Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D...

5CVSS7.2AI score0.02698EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by