CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

64 matches found

Veracode•added 2019/05/02 4:44 a.m.•34 views

Permission Check Bypass

OpenJDK 7 Java Runtime Environment and OpenJDK 7 Software Development Kit is vulnerable to permission check bypass. The attack is due to incorrect setter access check in MethodHandles.java, allowing an attacker to set value of a final field...

3.7CVSS8.6AI score0.93397EPSS

Exploits6References19Affected Software1

Zero Day Initiative•added 2018/04/18 12:0 a.m.•31 views

Oracle Java MethodHandles setVolatile Type Confusion Sandbox Escape Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation o...

6.8CVSS2.8AI score0.01133EPSS

Exploits0References1

Zero Day Initiative•added 2018/04/18 12:0 a.m.•36 views

Oracle Java MethodHandles tryFinally Type Confusion Sandbox Escape Vulnerability

6.8CVSS2.6AI score0.0335EPSS

Exploits0References1

RedHat Linux•added 2017/05/09 4:41 p.m.•3 views

OpenJDK: incorrect handling of MethodHandles.dropArguments() argument (Libraries, 8155985)

Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610...

9.6CVSS7.4AI score0.07073EPSS

Exploits0References5

RedHat Linux•added 2016/08/10 5:21 p.m.•6 views

OpenJDK: incorrect handling of MethodHandles.dropArguments() argument (Libraries, 8155985)

9.6CVSS7.4AI score0.07073EPSS

Exploits0References5

RedHat Linux•added 2016/08/10 4:56 p.m.•8 views

OpenJDK: incorrect handling of MethodHandles.dropArguments() argument (Libraries, 8155985)

9.6CVSS7.4AI score0.07073EPSS

Exploits0References5

ArchLinux•added 2016/08/05 12:0 a.m.•59 views

jdk7-openjdk: multiple issues

CVE-2016-3458 sandbox restriction bypass It was discovered that the CORBA component of OpenJDK did not sufficiently restrict the use of custom ValueHandler when performing object deserialization. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox...

9.3CVSS1AI score0.07521EPSS

Exploits0References8

RedHat Linux•added 2016/07/27 11:42 a.m.•4 views

OpenJDK: insufficient value count check in MethodHandles.filterReturnValue() (Libraries, 8158571)

9.6CVSS7.4AI score0.07073EPSS

Exploits0References5

RedHat Linux•added 2016/07/27 11:42 a.m.•4 views

OpenJDK: incorrect handling of MethodHandles.dropArguments() argument (Libraries, 8155985)

9.6CVSS7.4AI score0.07073EPSS

Exploits0References5

RedHat Linux•added 2016/07/21 10:19 a.m.•5 views

OpenJDK: insufficient value count check in MethodHandles.filterReturnValue() (Libraries, 8158571)

9.6CVSS7.4AI score0.07073EPSS

Exploits0References5

Zero Day Initiative•added 2016/07/21 12:0 a.m.•31 views

Oracle Java MethodHandles filterReturnValue Remote Code Execution Vulnerability

6.8CVSS3.4AI score0.04237EPSS

Exploits0

Zero Day Initiative•added 2016/07/21 12:0 a.m.•53 views

Oracle Java MethodHandles dropArguments Remote Code Execution Vulnerability

6.8CVSS3.4AI score0.07073EPSS

Exploits0

RedHat Linux•added 2016/07/20 12:11 p.m.•4 views

OpenJDK: insufficient value count check in MethodHandles.filterReturnValue() (Libraries, 8158571)

9.6CVSS7.4AI score0.07073EPSS

Exploits0References5

RedHat Linux•added 2016/07/20 12:11 p.m.•5 views

OpenJDK: incorrect handling of MethodHandles.dropArguments() argument (Libraries, 8155985)

9.6CVSS7.4AI score0.07073EPSS

Exploits0References5

RedHat Linux•added 2014/08/11 4:54 p.m.•3 views