CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

50 matches found

VulnCheck KEV•added 2018/07/07 12:0 a.m.•1 views

VulnCheck KEV: CVE-2017-1000353

Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blocklist-based...

9.8CVSS7.6AI score0.99686EPSS

Exploits36References1

RedHat Linux•added 2017/12/06 1:42 p.m.•3 views

OpenJDK: unbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

5.3CVSS7.4AI score0.03305EPSS

Exploits0References4

RedHat Linux•added 2017/05/09 4:41 p.m.•3 views

OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization...

10CVSS7.4AI score0.0472EPSS

Exploits0References5

RedHat Linux•added 2016/07/18 1:51 p.m.•4 views

OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)

10CVSS7.4AI score0.0472EPSS

Exploits0References5

RedHat Linux•added 2016/05/03 6:35 p.m.•3 views

OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)

10CVSS7.4AI score0.0472EPSS

Exploits0References5

RedHat Linux•added 2015/08/04 5:13 p.m.•5 views

OpenJDK: deserialization issue in ObjectInputStream.readSerialData() (Libraries, 8076401)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732...

10CVSS6.7AI score0.25714EPSS

Exploits0References6

RedHat Linux•added 2015/07/17 8:4 a.m.•2 views

OpenJDK: deserialization issue in ObjectInputStream.readSerialData() (Libraries, 8076401)

10CVSS6.7AI score0.25714EPSS

Exploits0References6

RedHat Linux•added 2015/07/15 12:37 p.m.•1 views

OpenJDK: deserialization issue in ObjectInputStream.readSerialData() (Libraries, 8076401)

10CVSS6.7AI score0.25714EPSS

Exploits0References6

RedHat Linux•added 2013/11/07 4:45 p.m.•3 views

OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different...

10CVSS6.8AI score0.17289EPSS

Exploits0References5

RedHat Linux•added 2013/10/21 5:37 p.m.•2 views

OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)

10CVSS6.8AI score0.17289EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by