OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Utilities. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
OpenJDK: Missing URL format validation (Networking, 8221518)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...
OpenJDK: Incorrect handling of certificate status messages during TLS handshake (JSSE, 8222678)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE. Successful attacks require human...
OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Utilities. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
Oracle Java SE Security Updates (jul2019-5072835) 05 - Windows
Oracle Java SE is prone to a security vulnerability.
OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
Amazon Linux 2 : java-11-amazon-corretto (ALAS-2019-1228)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...
Important: java-11-amazon-corretto
Issue Overview: Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation
Summary: There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6, 7 used by IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation. These issues were disclosed as part of the IBM Java SDK...
Oracle Java SE XML External Entity Injection Information Disclosure (CVE-2017-10309)
An XML external entity injection vulnerability exists in Oracle Java SE. A remote unauthenticated attacker could exploit this vulnerability to disclose sensitive information on the affected target host...
Information Disclosure
Java SE is vulnerable to an information disclosure vulnerability. A remote user could exploit a flaw in the Libraries component to cause unauthorized read access to a subset of Java SE accessible data...
Directory Traversal
IBM Java SE is vulnerable to a directory traversal vulnerability. This occurs when extracting compressed dump files since the IBM SDK does not protect against path traversal attacks...
Privilege Escalation
Oracle Java SE is vulnerable to privilege escalation. The vulnerability exists in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE due to an unknown part of the component Scripting. An unauthenticated attacker with network access via multiple protocols could compromise Java SE,...
Information Disclosure
Java SE is vulnerable to information disclosure. A remote attacker could exploit the flawed JavaFX component to partially access data resulting in disclosure of sensitive information...
Privilege Escalation
Oracle Java SE is vulnerable to a privilege escalation vulnerability. This is because of some unknown processing of the component Hotspot. An unauthenticated attacker with network access via multiple protocols could compromise Java SE, Java SE Embedded with the aid of human interaction from a perso...
Privilege Escalation
Oracle Java SE is vulnerable to privilege escalation attacks. The vulnerability exists in an unknown functionality of the component RMI. An unauthenticated attacker with network access via multiple protocols could compromise Java SE, JRockit resulting in unauthorized update, insert or delete acce...
Denial Of Service (DoS)
Oracle Java SE is vulnerable to denial of service (DoS) attacks. The vulnerability exists in an unknown functionality of the component Security. An unauthenticated attacker with network access via multiple protocols could compromise Java SE, Java SE Embedded, JRockit causing a system crash...
Improper Access Control
Java SE is vulnerable to improper access control. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed Deployment component to gain elevated privileges. Successful attacks require human interaction from a person other than the attacker resulti...
Improper Access Control
Java SE is vulnerable to improper access control. A remote, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed Deployment component to gain elevated privileges. Successful attacks require human interaction from a person other than the attacker resulti...