USN-8330-1: OpenJDK 8 vulnerabilities

Thomas Beckers discovered that the JAXP component of OpenJDK 8 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the JSSE component of OpenJDK 8 d...

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.57.1.11.9.AXS4 (AXSA:2013-202:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-202:02 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2013-0809 Unspecified vulnerability in the 2D component in the Java...

Exploit for CVE-2025-30749

AegisJava A specialized tool to detect and mitigate CVE-202...

SUSE CVE-2010-0847

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...

SUSE CVE-2010-3556

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

SUSE CVE-2010-3567

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle ha...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 7, 7.1, 8 that are used by AIX. These issues were disclosed as part of the IBM Java SDK updates in April 2019. Vulnerability Details CVEID: CVE-2019-10245 DESCRIPTION: Eclipse OpenJ9 is vulnerable to a denial ...

DEBIAN-CVE-2019-2698

Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

CVE-2016-3422

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D...

ICU: missing boundary checks in layout engine (OpenJDK 2D, 8071715)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

Buffer overflow

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

CVE-2015-2637

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D...

CVE-2015-0459

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491...

Unspecified Vulnerability in Oracle Java SE 2D Subpart (CNVD-2015-00577)

Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE 2D subcomponent, which allows an attacker to build untrustworthy Java Web Start applications and untrustworthy Java...

CVE-2014-6511

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D...

openSUSE Security Update : icedtea-web (openSUSE-SU-2011:0706-1)

Icedtea as included in java-160-openjdk was updated to fix several security issues : dbg114-icedtea-web-4788 icedtea-web-4788 newupdateinfo S6213702, CVE-2011-0872: so non-blocking sockets with TCP urgent disabled get still selected for read ops win dbg114-icedtea-web-4788 icedtea-web-4788...

Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities

Updated java-1.7.0-openjdk packages fix security vulnerabilities: An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application...

OpenJDK: Java2d Disposer security bypass (2D, 8017287)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...

OpenJDK: Java2d Disposer security bypass (2D, 8017287)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...

CVE-2013-5782

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via...