Privilege Escalation

Oracle Java SE and Java SE Embedded are vulnerable to privilege escalation attacks. A remote user can manipulate the component, Hotspot with an unknown input in order to gain elevated privileges. The attacker may then be able to perform unauthorized actions...

Privilege Escalation

Oracle Java SE and Java SE EmbeddedA is vulnerable to privilege escalation attacks. A remote user can exploit a flaw in the Hotspot component to gain elevated privileges and perform unauthorized actions...

Information Disclosure

Oracle Java SE and Java SE Embedded are vulnerable to information disclosure. A remote user can exploit a flaw in the Networking component to access sensitive information...

Denial Of Service (DoS)

Java SE is vulnerable to denial of service DoS. An unspecified vulnerability allows an local users to affect availability via vectors related to JAXP causing the application to crash...

Denial Of Service (DoS)

java SE is vulnerable to denial of service DoS. An unspecified vulnerability allows an local users to affect availability via vectors related to JAXP causing the application to crash...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM WebSphere Application Server shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - O...

Oracle Java SE 5 < Update 85 / 6 < Update 95 / 7 < Update 79 / 8 < Update 45 Multiple Vulnerabilities (April 2015 CPU) (FREAK)

Binary data 700650.prm...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Performance Tester. Rational Performance Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-2426 DESCRIPTION: An...

CVE-2019-2699

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Windows DLL. The supported version that is affected is Java SE: 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. While the vulnerabilit...

CVE-2019-2698

Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

CVE-2019-2684

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

Design/Logic Flaw

Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

Code injection

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

Design/Logic Flaw

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

Design/Logic Flaw

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Windows DLL. The supported version that is affected is Java SE: 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. While the vulnerabilit...

CVE-2019-2699

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Windows DLL. The supported version that is affected is Java SE: 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. While the vulnerabilit...

CVE-2019-2697

CVE-2019-2697 affects Oracle Java SE 7u211 and 8u202 in the 2D subcomponent. The flaw enables unauthenticated remote takeover via network access, primarily affecting client-side sandbox deployments (Web Start/applets) that load untrusted code. The CVSS v3.1 score is 8.1 (HIGH) with C/H/I/A impact...

CVE-2019-2698

Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

CVE-2019-2684

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2019-2684

CVE-2019-2684 concerns Oracle Java SE and Java SE Embedded, specifically the RMI component. The connected Chainguard entry shows affected packages for OpenJDK builds (openjdk-21/openj9, openjdk-8/openj9, openjdk-11/openj9, openjdk-17/openj9). The initial description identifies affected Oracle Jav...