Lucene search
K

38 matches found

OSV
OSV
added 2024/07/26 11:8 a.m.2 views

OESA-2024-1906 openjdk-11 security update

The OpenJDK runtime environment. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0....

7.4CVSS6.3AI score0.01257EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/07/17 8:51 a.m.3 views

OpenJDK: certificate validation issue in TLS session negotiation (8298310)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

5.9CVSS7.2AI score0.01523EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/04/19 7:36 p.m.4 views

OpenJDK: certificate validation issue in TLS session negotiation (8298310)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

5.9CVSS7.2AI score0.01523EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:34 a.m.4 views

SUSE CVE-2013-5776

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment...

5CVSS6.4AI score0.03388EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2022/03/21 7:28 a.m.4 views

OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability...

5.3CVSS7.4AI score0.0335EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/10/25 12:24 p.m.1 views

OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...

4.3CVSS7.4AI score0.04104EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/07/23 4:23 p.m.3 views

OpenJDK: Missing URL format validation (Networking, 8221518)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

5.8CVSS7.3AI score0.02296EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/11/09 11:49 a.m.8 views

OpenJDK: Missing endpoint identification algorithm check during TLS session resumption (JSSE, 8202613)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with...

6.8CVSS7.3AI score0.03392EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 2:49 p.m.14 views

Determining which CVE fixes are included in a JRE

Question IBM Security Bulletins list CVEs that must be applied to the JRE that RPT scripts use to run tests. How can you determine whether a specific JRE version includes a particular CVE? Answer IBM Security Bulletins list Common Vulnerabilities and Exposures CVE that must be fixed in the T6...

0.5AI score
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2015/11/23 12:56 p.m.2 views

JDK: local disclosure of kerberos credentials cache

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache...

2.1CVSS7.3AI score0.00482EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/10/22 6:34 p.m.1 views

OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911...

5CVSS7.3AI score0.05288EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/10/22 6:34 p.m.5 views

OpenJDK: incomplete constraints enforcement by AlgorithmChecker (Security, 8131291)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security...

5CVSS7.2AI score0.03703EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/08/11 4:44 p.m.1 views

OpenJDK: RSA blinding issues (Security, 8031346)

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security...

4CVSS6.7AI score0.03501EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 1:7 p.m.4 views

OpenJDK: insufficient escaping of window title string (Javadoc, 8026736)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc...

3.5CVSS6.8AI score0.02554EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 1:7 p.m.5 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

7.5CVSS6.8AI score0.04936EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 12:34 p.m.4 views

OpenJDK: RSA unpadding timing issues (Security, 8027766)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security...

4CVSS7AI score0.04858EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/04/16 11:34 a.m.2 views

OpenJDK: RSA unpadding timing issues (Security, 8027766)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security...

4CVSS7AI score0.04858EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/11/07 4:47 p.m.0 views

OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to SCRIPTING...

4.3CVSS6.8AI score0.0364EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/11/07 4:46 p.m.2 views

JDK: unspecified vulnerability fixed in 7u45 (2D)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D...

5CVSS6.7AI score0.03219EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/11/07 4:45 p.m.2 views

JDK: unspecified vulnerability fixed in 7u45 (Deployment)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5818 and CVE-2013-5819...

5CVSS6.7AI score0.03388EPSS
Exploits0References5
Rows per page
Query Builder