CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

550 matches found

Fedora•added 2024/03/07 10:33 p.m.•23 views

[SECURITY] Fedora 40 Update: junit5-5.10.2-3.fc40

JUnit is a popular regression testing framework for Java platform...

8.8CVSS6.9AI score0.46427EPSS

Exploits3

Fedora•added 2024/03/07 10:33 p.m.•25 views

[SECURITY] Fedora 40 Update: jfreechart-1.5.4-5.fc40

JFreeChart is a comprehensive free chart library for the Java platform that c an be used on the client-side JavaFX and Swing or the server side with export to multiple formats including SVG, PNG and PDF...

8.8CVSS9.1AI score0.46427EPSS

Exploits3

RedHat Linux•added 2024/01/18 6:19 p.m.•3 views

OpenJDK: logging of digital signature private keys (8316976)

Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks o...

4.7CVSS7.3AI score0.00047EPSS

Exploits0References5

RedHat Linux•added 2024/01/17 7:19 p.m.•3 views

OpenJDK: logging of digital signature private keys (8316976)

4.7CVSS7.3AI score0.00047EPSS

Exploits0References5

RedHat Linux•added 2024/01/17 7:10 p.m.•2 views

OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

7.4CVSS7.3AI score0.00319EPSS

Exploits0References5

RedHat Linux•added 2024/01/17 4:3 p.m.•3 views

OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547)

7.4CVSS7.3AI score0.00319EPSS

Exploits0References5

RedHat Linux•added 2024/01/17 2:15 p.m.•1 views

OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547)

7.4CVSS7.3AI score0.00319EPSS

Exploits0References5

CNNVD•added 2023/11/15 12:0 a.m.•2 views

XXL-JOB Security Vulnerability

XXL-JOB is a distributed task scheduling platform based on the java language from the Xu Xue Li XXL-JOB community. A security vulnerability exists in XXL-JOB xxl-job-admin version 2.4.0, which stems from a cross-site scripting XSS vulnerability in component /xxl-job-admin/joblog/logDetailPage...

5.4CVSS5.8AI score0.00085EPSS

Exploits1References2

RedHat Linux•added 2023/10/18 10:39 p.m.•1 views

OpenJDK: IOR deserialization issue in CORBA (8303384)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows...

5.3CVSS7.1AI score0.00172EPSS

Exploits0References4

RedHat Linux•added 2023/10/18 4:26 p.m.•3 views

OpenJDK: certificate path validation issue during client authentication (8309966)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise...

5.3CVSS7.3AI score0.00098EPSS

Exploits0References4

RedHat Linux•added 2023/10/18 4:21 p.m.•3 views

OpenJDK: certificate path validation issue during client authentication (8309966)

5.3CVSS7.3AI score0.00098EPSS

Exploits0References4

RedHat Linux•added 2023/10/18 3:2 p.m.•4 views

OpenJDK: certificate path validation issue during client authentication (8309966)

5.3CVSS7.3AI score0.00098EPSS

Exploits0References4

RedHat Linux•added 2023/07/20 12:12 p.m.•3 views

OpenJDK: weakness in AES implementation (8308682)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2;...

5.1CVSS7.5AI score0.00102EPSS

Exploits0References4

RedHat Linux•added 2023/07/19 5:24 p.m.•1 views

OpenJDK: HTTP client insufficient file name validation (8302475)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle...

3.1CVSS7.3AI score0.00143EPSS

Exploits0References4

RedHat Linux•added 2023/07/17 8:51 a.m.•1 views

OpenJDK: improper connection handling during TLS handshake (8294474)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

7.4CVSS7.2AI score0.00174EPSS

Exploits0References4

CNVD•added 2023/05/30 12:0 a.m.•31 views

Apache Sling Input Validation Error Vulnerability

Apache Sling is the United States Apache Apache Foundation of a Java platform for open source Web framework. Designed to comply with JSR-170 content repository such as Apache Jackrabbit to create content-centric applications. An input validation error vulnerability exists in Apache Sling Commons...

7.5CVSS6.7AI score0.00958EPSS

Exploits0Affected Software1

RedHat Linux•added 2023/04/20 2:50 a.m.•2 views

OpenJDK: missing string checks for NULL characters (8296622)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to explo...

3.7CVSS7.2AI score0.00099EPSS

Exploits0References4

RedHat Linux•added 2023/04/19 2:3 p.m.•2 views

OpenJDK: incorrect enqueue of references in garbage collector (8298191)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

5.9CVSS7.2AI score0.00056EPSS

Exploits0References4

CNNVD•added 2023/04/10 12:0 a.m.•3 views

xxl-job 跨站脚本漏洞

XXL-JOB is a distributed task scheduling platform based on the java language from the Xu Xue Li XXL-JOB community. A security vulnerability exists in xxl-job, which originates from the successful execution of loads uploaded via HTML in /xxl-job-admin/user/add and /xxl-job-admin/user/update...

6.1CVSS6.4AI score0.00291EPSS

Exploits1References2

OpenVAS•added 2023/03/08 12:0 a.m.•28 views

Debian: Security Advisory (DLA-157-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS5.3AI score0.93538EPSS

Exploits10References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by