CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2019/10/16 3:1 p.m.•3 views

OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

6.8CVSS7.4AI score0.02946EPSS

RedHat Linux•added 2019/10/16 3:1 p.m.•2 views

OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765)

4.7CVSS7.4AI score0.01308EPSS

CNVD•added 2019/10/16 12:0 a.m.•2 views

Unspecified Vulnerability in Oracle Java SE and Java SE Embedded (CNVD-2019-37224)

Java SE is short for Java Platform Standard Edition, for the development and deployment of desktop, server, and embedded devices and real-time environment of Java applications. Java SE Embedded is based on Java SE, and provides specific features and support for embedded systems. An unspecified...

4.3CVSS6.6AI score0.00914EPSS

Exploits0References1

CNVD•added 2019/10/16 12:0 a.m.•2 views

Unspecified Vulnerability in Oracle Java SE and Java SE Embedded (CNVD-2019-37212)

Oracle Java SE and Oracle Java SE Embedded are both products of Oracle Corporation.Oracle Java SE is a Java platform for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle Java SE Embedded is a Java platform that targets Java...

3.1CVSS6.6AI score0.00409EPSS

Exploits0References1

CNVD•added 2019/10/16 12:0 a.m.•2 views

Unspecified Vulnerability in Oracle Java SE and Java SE Embedded (CNVD-2019-37225)

4.3CVSS6.6AI score0.00476EPSS

Exploits0References1

RedHat Linux•added 2019/08/15 9:4 a.m.•1 views

OpenJDK: Missing URL format validation (Networking, 8221518)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

5.8CVSS7.3AI score0.00175EPSS

RedHat Linux•added 2019/08/15 9:2 a.m.•2 views

OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Utilities. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

5.3CVSS7.3AI score0.00639EPSS

OSV•added 2019/07/23 11:15 p.m.•1 views

CVE-2019-2842

Vulnerability in the Java SE component of Oracle Java SE subcomponent: JCE. The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

3.7CVSS6.6AI score0.00598EPSS

Exploits0References5

OSV•added 2019/07/23 12:0 a.m.•1 views

UBUNTU-CVE-2019-2842

3.7CVSS6.7AI score0.00598EPSS

Exploits0References5

OSV•added 2019/07/23 12:0 a.m.•0 views

UBUNTU-CVE-2019-2818

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

3.1CVSS6.3AI score0.00478EPSS

Exploits0References5

RedHat Linux•added 2019/07/22 12:57 p.m.•5 views

OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432)

5.3CVSS7.3AI score0.00639EPSS

RedHat Linux•added 2019/07/22 12:48 p.m.•2 views

OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511)

4.3CVSS7.3AI score0.00598EPSS

RedHat Linux•added 2019/07/22 12:41 p.m.•2 views

OpenJDK: Missing URL format validation (Networking, 8221518)

5.8CVSS7.3AI score0.00175EPSS

OpenVAS•added 2019/05/31 12:0 a.m.•36 views

Debian: Security Advisory (DSA-4453-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.6AI score0.0419EPSS

Exploits1References4

XSS Vulnerability at JEESNS Articles

JEESNS is an open source social management system developed on the JAVA enterprise level platform. JEESNS articles at the existence of XSS vulnerability , an attacker can exploit the vulnerability to inject arbitrary Web script or HTML...

6.3AI score

XSS Vulnerability at JEESNS Gallery

JEESNS is an open source social management system developed on the JAVA enterprise level platform. JEESNS gallery at the existence of XSS vulnerability , an attacker can exploit the vulnerability to inject arbitrary Web script or HTML...

6.3AI score

XSS Vulnerability at JEESNS Q&A Service

JEESNS is an open source social management system developed on the JAVA enterprise level platform. JEESNS questions and answers at the existence of XSS vulnerability , an attacker can exploit the vulnerability to inject arbitrary Web script or HTML...

6.4AI score

XSS Vulnerability at Private Messages in JEESNS System

JEESNS is an open source social management system developed on the JAVA enterprise level platform. JEESNS system at the private message XSS vulnerability , an attacker can use the vulnerability to inject arbitrary Web script or HTML...

6.4AI score