CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4220 matches found

CVE•added 2022/01/19 11:25 a.m.•342 views

CVE-2022-21341

CVE-2022-21341 is an openly documented vulnerability affecting Oracle Java SE and Oracle GraalVM Enterprise Edition across multiple components (Serialization, JAXP, ImageIO, Hotspot, Libraries, 2D, etc.). Affected versions include Java SE 7u321, 8u311, 11.0.13, 17.0.1 and GraalVM EE 20.3.4/21.3.0...

5.3CVSS4.8AI score0.00143EPSS

Exploits0References6Affected Software3

CVE•added 2022/01/19 11:22 a.m.•364 views

CVE-2022-21248

CVE-2022-21248 affects Oracle Java SE and GraalVM Enterprise Edition via the Serialization component. Affected Oracle Java SE versions: 7u321, 8u311, 11.0.13, 17.0.1; GraalVM Enterprise Edition: 20.3.4 and 21.3.0. The vulnerability is exploitable over the network and allows an unauthenticated att...

4.3CVSS3.8AI score0.00083EPSS

Exploits0References9Affected Software3

Cvelist•added 2022/01/19 11:22 a.m.•25 views

CVE-2022-21248

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerabili...

3.7CVSS4AI score0.00083EPSS

Exploits0References9

AlpineLinux•added 2022/01/19 11:22 a.m.•48 views

CVE-2022-21248

4.3CVSS4.2AI score0.00083EPSS

Exploits0

Debian CVE•added 2022/01/19 11:22 a.m.•43 views

CVE-2022-21248

4.3CVSS4.3AI score0.00083EPSS

Exploits0

RedHat Linux•added 2022/01/19 10:5 a.m.•2 views

OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236)

5.3CVSS7.4AI score0.00143EPSS

Exploits0References4

AlmaLinux•added 2022/01/19 8:53 a.m.•51 views

Moderate: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 OpenJDK: Incorrect reading of TIFF files in...

5.3CVSS6.6AI score0.05612EPSS

Exploits0References15

OSV•added 2022/01/19 8:53 a.m.•25 views

RLSA-2022:0161 Moderate: java-17-openjdk security update

5.3CVSS6.2AI score0.05612EPSS

Exploits0References16

OSV•added 2022/01/19 8:53 a.m.•24 views

ALSA-2022:0161 Moderate: java-17-openjdk security update

5.3CVSS6.2AI score0.05612EPSS

Exploits0References15

OpenVAS•added 2022/01/19 12:0 a.m.•21 views

Oracle Java SE Security Update (jan2022) 02 - Linux

Oracle Java SE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6AI score0.05612EPSS

Exploits0References1

OpenVAS•added 2022/01/19 12:0 a.m.•21 views

Oracle Java SE Security Update (jan2022) 02 - Windows

5.3CVSS6AI score0.05612EPSS

Exploits0References1

RedhatCVE•added 2022/01/18 10:31 p.m.•34 views

CVE-2022-21248

4.3CVSS4.4AI score0.00083EPSS

Exploits0References3

CNNVD•added 2022/01/18 12:0 a.m.•3 views

Oracle Java SE和Oracle GraalVM 输入验证错误漏洞

Oracle GraalVM is a set of on-the-fly compilers written in the Java language from Oracle Corporation USA.GraalVM Enterprise Edition is the enterprise version of GraalVM.An input validation error vulnerability exists in Oracle GraalVM due to an Oracle GraalVM Enterprise Edition has incorrect input...

5.3CVSS5.6AI score0.00112EPSS

Exploits0References52

Positive Technologies•added 2022/01/18 12:0 a.m.•2 views

PT-2022-6855

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7u321, 8u311, 11.0.13, 17.0.1 Oracle GraalVM Enterprise Edition versions 20.3.4, 21.3.0 Description The issue is related to the Serialization component in Oracle Java SE and Oracle GraalVM Enterprise Edition, allowing a...

5.3CVSS6.8AI score0.00143EPSS

Exploits0References224

CNNVD•added 2022/01/18 12:0 a.m.•2 views

Oracle Java SE和Oracle GraalVM 输入验证错误漏洞

5.3CVSS5.6AI score0.01201EPSS

Exploits0References33

CNNVD•added 2022/01/18 12:0 a.m.•2 views

Oracle Java SE和Oracle GraalVM 输入验证错误漏洞

Oracle Java SE and Oracle GraalVM are both products of Oracle Corporation.Oracle Java SE is a product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM is a set of on-the-fly compilers written in the Java language...

5.3CVSS6.5AI score0.01201EPSS

Exploits0References34

CNNVD•added 2022/01/18 12:0 a.m.•3 views

Oracle Java SE和Oracle GraalVM 输入验证错误漏洞

5.3CVSS5.6AI score0.00112EPSS

Exploits0References52

CNNVD•added 2022/01/18 12:0 a.m.•3 views

Oracle Java SE和Oracle GraalVM 输入验证错误漏洞

Oracle GraalVM is a set of on-the-fly compilers written in the Java language from Oracle Corporation USA. The product supports multiple programming languages and execution modes.GraalVM Enterprise Edition is the enterprise version of GraalVM.An input validation error vulnerability exists in Oracl...

5.3CVSS5.7AI score0.00111EPSS

Exploits0References41

Positive Technologies•added 2022/01/18 12:0 a.m.•3 views

PT-2022-2124

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7u321, 8u311, 11.0.13, 17.0.1 Oracle GraalVM Enterprise Edition versions 20.3.4, 21.3.0 Description The issue is related to the Serialization component and can be exploited by an unauthenticated attacker with network...

5.3CVSS6.8AI score0.00143EPSS

Exploits0References222