3428 matches found
CVE-2017-10074
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2017-10074
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2017-10074
CVE-2017-10074 affects OpenJDK/OpenJDK Hotspot in Java SE and Java SE Embedded. Affected: Java SE 6u151, 7u141, 8u131; Java SE Embedded 8u131. Root cause per advisories: Hotspot range-checking overflow in OpenJDK leading to possible arbitrary-code execution under a sandbox-compiled Java applet/ru...
CVE-2017-10118
CVE-2017-10118 affects Oracle Java SE/JRockit/JCE with a timing-channel vulnerability in ECDSA within the JCE component. A remote attacker could potentially recover private keys by observing timing differences, enabling unauthenticated network-remote exploitation on affected OpenJDK/JRockit confi...
CVE-2017-10102
CVE-2017-10102 is a remotely exploitable issue in Oracle Java SE and Java SE Embedded (RMI subcomponent) affecting Java SE 6u151, 7u141, 8u131 and Java SE Embedded 8u131. A remote attacker could compromise the target via API data handling over network access, potentially taking over the Java runt...
CVE-2017-10101
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2017-10101
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2017-10096
CVE-2017-10096 – OpenJDK/JAXP vulnerability (CWE-style) shows a flaw in the Java SE/Java SE Embedded stack, specifically the JAXP component. Affected are Oracle Java SE versions 6u151, 7u141, 8u131 and Java SE Embedded 8u131. The vulnerability can allow an unauthenticated attacker with network ac...
CVE-2017-10107
CVE-2017-10107 affects OpenJDK/OpenJDK-based packages (RMI) with vulnerable components in Java SE/Java SE Embedded. The connected security data confirms multiple OpenJDK subcomponents are vulnerable, including RMI-related sandbox bypass issues, and lists affected versions such as Java 6u151, 7u14...
CVE-2017-10081
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2017-10081
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2017-10081
CVE-2017-10081 is a Sandbox/Access-Restriction bypass in the Hotspot component of OpenJDK. Affected Java runtimes include Java SE 6u151, 7u141, and 8u131 (Java SE Embedded 8u131). Several connected advisories note this as part of a broader OpenJDK set of issues (RMI, JAXP, ImageIO, Libraries, AWT...
CVE-2017-10089
CVE-2017-10089 affects Oracle Java SE ImageIO in OpenJDK/OpenJDK-derived disclosures: 6u151, 7u141, 8u131 are vulnerable. The issue allows a network-based, unauthenticated attacker to take control of the Java SE runtime, with UI interaction required, potentially impacting additional products. Aff...
CVE-2017-10090
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...
CVE-2017-10096
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2017-10115
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JCE. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with networ...
CVE-2017-10115
CVE-2017-10115 is a covert timing-channel vulnerability in the DSA implementation of the JCE in OpenJDK/OpenJRE/JRockit, affecting Java SE 6u151, 7u141, 8u131 and related packages (e.g., OpenJDK 7 on Debian/Ubuntu, RHEL/CentOS, Arch Linux advisories). A remote attacker could potentially exploit t...
CVE-2017-10114
CVE-2017-10114 affects the Java SE/JavaFX component; specifically Java SE 7u141 and 8u131. The vulnerability is described as difficult to exploit, requiring network access via multiple protocols and user interaction, with potential takeover of Java SE and possible impact on other products relying...
CVE-2017-10108
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker...
CVE-2017-10108
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker...