The vulnerability of the Hotspot component in Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK, and the Oracle Java SE software platform allows a perpetrator to trigger a service failure.

The vulnerability of the Hotspot component in Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK, and the Oracle Java SE software platform is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

UBUNTU-CVE-2020-2816

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability c...

OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Utilities. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

UBUNTU-CVE-2018-2952

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated...

Oracle Java SE/JRockit Remote Vulnerability (CNVD-2017-18229)

Java SE is short for Java Platform Standard Edition, based on the JDK and JRE, for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. Oracle Java SE/JRockit has a security vulnerability that allows an attacker to exploit...

Oracle Java SE/JRockit Remote Vulnerability (CNVD-2017-18173)

Java SE is short for Java Platform Standard Edition, based on the JDK and JRE, for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. Oracle Java SE/JRockit has security vulnerabilities in its implementation that allow an attacker to...

JDK: unspecified vulnerability fixed in 7u111 and 8u101 (Deployment)

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment...

JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)

Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6476...

OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB...