Lucene search
K

406 matches found

Prion
Prion
added 2014/01/15 4:8 p.m.20 views

Design/Logic Flaw

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle ha...

4CVSS5.7AI score0.02414EPSS
Exploits0References71Affected Software3
Cvelist
Cvelist
added 2014/01/15 2:50 a.m.35 views

CVE-2014-0411

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle ha...

4.7AI score0.02414EPSS
Exploits0References71
RedHat Linux
RedHat Linux
added 2014/01/15 12:59 a.m.6 views

OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle ha...

4CVSS6.4AI score0.02414EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2010/07/15 12:0 a.m.4 views

PT-2010-1186 · Michaelliao · Openid

Name of the Vulnerable Software and Affected Versions: michaelliao jopenid versions prior to 1.08 Description: The issue is related to a timing discrepancy in the getAuthentication function of the OpenIdManager.java file. This discrepancy can be exploited by a remote attacker to gain unauthorized...

7.5CVSS5.2AI score0.00879EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2007/08/14 12:17 a.m.28 views

CVE-2007-4324

ActionScript 3 AS3 in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash SWF movie that specifies a connection to make, then...

5CVSS6AI score0.07933EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2004/09/01 4:0 a.m.31 views

CVE-2003-0078

ssl3getrecord in s3pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak timing discrepancy that may make it easier to launch cryptographic attacks that rely on distinguishing betwe...

5CVSS8.7AI score0.13718EPSS
Exploits0
Rows per page
Query Builder