Design/Logic Flaw

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

UBUNTU-CVE-2019-2992

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2019-2933

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

CVE-2019-2987

Vulnerability in the Java SE product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

CVE-2019-2978

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

CVE-2019-2988

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2019-2996

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Deployment. The supported version that is affected is Java SE: 8u221; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

CVE-2019-2988

CVE-2019-2988 affects Oracle Java SE/SE Embedded (component 2D). Affected: Java SE 7u231, 8u221, 11.0.4, 13; Java SE Embedded 8u221. Root cause: issues in the 2D graphics subsystem enabling unauthenticated network-based access to trigger a partial denial of service. Impact is explicitly a partial...

CVE-2019-2999

CVE-2019-2999 is a Java SE Javadoc vulnerability affecting multiple OpenJDK/OpenJDK-derived builds (e.g., Java 7u231, 8u221, 11.0.4, 13.0.1) where the Javadoc component could allow unauthenticated network access leading to data exposure/updating under a sandboxed Java Web Start/Applet context. Co...

CVE-2019-2989

CVE-2019-2989 affects Oracle Java SE/Java SE Embedded with multiple OpenJDK components (Networking) and is echoed in several advisories. Affected packages include java-1.7.0-openjdk (and variants for 7u231, 7.x, 8u221, 11.0.4, 13; Java SE Embedded 8u221). Other connected entries reference related...

CVE-2019-2996

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Deployment. The supported version that is affected is Java SE: 8u221; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

CVE-2019-2988

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2019-2999

Vulnerability in the Java SE product of Oracle Java SE component: Javadoc. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

CVE-2019-2975

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2019-2978

CVE-2019-2978 relates to the OpenJDK/Java SE Networking component. Affected Java releases include Java SE: 7u231, 8u221, 11.0.4, 13 and Java SE Embedded: 8u221. Root cause: incorrect handling of nested jar: URLs in the Jar URL handler, which can be triggered via network interaction. Impact: poten...

CVE-2019-2983

CVE-2019-2983 affects Oracle Java SE/Java SE Embedded (component: Serialization). Affected: Java SE 7u231, 8u221, 11.0.4, 13; Java SE Embedded 8u221. Unauthenticated attacker with network access can trigger a partial denial of service in Java SE/Embedded. Base CVSSv3.0 score 3.7 (Network, High/No...

CVE-2019-2975

CVE-2019-2975 affects Oracle Java SE/Scripting (and Java SE Embedded) with known affected builds: Java SE 8u221, 11.0.4, and 13; Java SE Embedded 8u221. The vulnerability concerns loading/executing untrusted code in environments like sandboxed Web Start/Applet contexts and can allow an unauthenti...

CVE-2019-2973

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2019-2981

CVE-2019-2981 affects Oracle Java SE/Java SE Embedded (component: JAXP) with affected releases including Java SE 7u231, 8u221, 11.0.4 and 13; Java SE Embedded 8u221. The issue allows an unauthenticated network attacker to cause a partial denial of service in Java SE/Embedded, via the JAXP path (p...

CVE-2019-2973

CVE-2019-2973 is an issue in Oracle Java SE/Java SE Embedded (component: JAXP) affecting OpenJDK/OpenJDK builds such as 7u231, 8u221, 11.0.4 and 13 (and Embedded 8u221). The vulnerability allows unauthenticated network-accessed exploitation that can cause a partial denial of service in Java SE/SE...