Lucene search
K

6 matches found

Veracode
Veracode
added 2019/05/02 4:54 a.m.27 views

Denial Of Service (DoS)

openjdk is vulnerable to denial of service. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions and affect availability via vectors related to JAXP...

5CVSS5.9AI score0.04464EPSS
Exploits0References27Affected Software3
Cvelist
Cvelist
added 2019/04/26 4:13 p.m.26 views

CVE-2019-9802

If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and all...

7.8AI score0.01127EPSS
Exploits0References2
Prion
Prion
added 2017/10/05 1:29 a.m.19 views

Type confusion

Script Security Plugin did not apply sandboxing restrictions to constructor invocations via positional arguments list, super constructor invocations, method references, and type coercion expressions. This could be used to invoke arbitrary constructors and methods, bypassing sandbox protection...

6.5CVSS8.7AI score0.01204EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/07/21 12:0 a.m.69 views

RHEL 6 / 7 : java-1.8.0-openjdk (RHSA-2017:1789)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:1789 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

9.6CVSS7.7AI score0.03524EPSS
Exploits0References46
OpenVAS
OpenVAS
added 2015/01/27 12:0 a.m.46 views

RedHat Update for java-1.6.0-openjdk RHSA-2015:0085-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS5.6AI score0.99999EPSS
Exploits12References2
NVD
NVD
added 2013/03/08 6:55 p.m.22 views

CVE-2013-0401

The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competiti...

10CVSS8.6AI score0.1015EPSS
Exploits0References31
Rows per page
Query Builder