1373 matches found
Design/Logic Flaw
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
Design/Logic Flaw
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
UBUNTU-CVE-2019-2894
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
UBUNTU-CVE-2019-2989
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
CVE-2019-2996
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Deployment. The supported version that is affected is Java SE: 8u221; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...
CVE-2019-2988
CVE-2019-2988 affects Oracle Java SE/SE Embedded (component 2D). Affected: Java SE 7u231, 8u221, 11.0.4, 13; Java SE Embedded 8u221. Root cause: issues in the 2D graphics subsystem enabling unauthenticated network-based access to trigger a partial denial of service. Impact is explicitly a partial...
CVE-2019-2992
CVE-2019-2992 affects Oracle Java SE/OpenJDK Java SE/Embedded, with vulnerable components including the 2D renderer. The connected documents show a concrete root cause: in the 2D component (font rendering), excess memory allocation during operations such as font glyph mapping can lead to a denial...
CVE-2019-2989
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
CVE-2019-2989
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
CVE-2019-2973
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2019-2983
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
CVE-2019-2978
CVE-2019-2978 relates to the OpenJDK/Java SE Networking component. Affected Java releases include Java SE: 7u231, 8u221, 11.0.4, 13 and Java SE Embedded: 8u221. Root cause: incorrect handling of nested jar: URLs in the Jar URL handler, which can be triggered via network interaction. Impact: poten...
CVE-2019-2981
CVE-2019-2981 affects Oracle Java SE/Java SE Embedded (component: JAXP) with affected releases including Java SE 7u231, 8u221, 11.0.4 and 13; Java SE Embedded 8u221. The issue allows an unauthenticated network attacker to cause a partial denial of service in Java SE/Embedded, via the JAXP path (p...
CVE-2019-2973
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2019-2958
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
CVE-2019-2958
CVE-2019-2958 affects Oracle Java SE and Java SE Embedded (Libraries component). Affected versions include Java SE: 7u231, 8u221, 11.0.4, 13 and Java SE Embedded: 8u221. Described vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE/Jav...
CVE-2019-2962
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2019-2962
CVE-2019-2962 is confirmed in connected documents as an OpenJDK 7 issue affecting the 2D component, specifically a NULL pointer dereference in DrawGlyphList (2D) that can contribute to denial of service. The CentOS/Red Hat advisories list OpenJDK 7 packages as affected and recommend updating to a...
CVE-2019-2949
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Kerberos. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos...
CVE-2019-2949
CVE-2019-2949 affects Oracle/OpenJDK Java SE Kerberos components. Affected Java SE: 7u231, 8u221, 11.0.4, 13; Java SE Embedded: 8u221. Exploitation requires network access via Kerberos and unauthenticated access could lead to leakage of sensitive data or elevated access. Connected documents show ...