
927 matches found

Hacker One
added 2021/04/26 9:34 p.m., 107 views

GitHub Security Lab: Java: JSONP Injection

This bug was reported directly to GitHub Security Lab...

1.2 AI score
Exploits: 0
OSV
added 2021/04/26 7:12 a.m., 6 views

SUSE-SU-2021:1314-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.11+9 April 2021 CPU CVE-2021-2163: Fixed incomplete enforcement of JAR signing disabled algorithms bsc1185055 CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder...

5.9 CVSS, 6 AI score, 0.01132 EPSS
Exploits: 0, References: 6
vulnersOsv
added 2021/04/22 4:16 p.m., 2 views

cn.regionsoft:ONE (=2.1.1), co.baiku.boot:ajavaer-cache (=0.3.0-RELEASES) +49 more potentially affected by CVE-2020-26939 via org.bouncycastle:bcprov-ext-jdk16 (>=1.45 <=1.46)

org.bouncycastle:bcprov-ext-jdk16 MAVEN version =1.45, =0.0.1-RELEASE, =0.0.1.RELEASE, =0.0.3.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.3.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.9.RELEASE and more Source cves: CVE-2020-26939 Source advisor...

5.3 CVSS, 6.7 AI score, 0.02437 EPSS
Exploits: 0
OSV
added 2021/04/03 12:0 a.m., 62 views

DLA-2616-1 libxstream-java - security update

Bulletin has no description...

9.9 CVSS, 8.8 AI score, 0.92 EPSS
Exploits: 10
Tenable Nessus
added 2021/03/05 12:0 a.m., 115 views

openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2021-374)

This update for java-180-openjdk fixes the following issues : - Update to version jdk8u282 icedtea 3.18.0 - January 2021 CPU bsc1181239 - Security fixes + JDK-8247619: Improve Direct Buffering of Characters CVE-2020-14803 - Import of OpenJDK 8 u282 build 01 + JDK-6962725: Regtest...

5.3 CVSS, 6.5 AI score, 0.00041 EPSS
Exploits: 0, References: 2
RedHat Linux
added 2021/03/04 5:5 p.m., 3 views

OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JNDI. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3 CVSS, 7.1 AI score, 0.00103 EPSS
Exploits: 0, References: 4
OSV
added 2021/03/01 4:36 p.m., 9 views

SUSE-SU-2021:0670-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 25 bsc1182186, bsc1181239, CVE-2020-27221, CVE-2020-14803 CVE-2020-27221: Potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characte...

9.8 CVSS, 5.8 AI score, 0.00727 EPSS
Exploits: 0, References: 5
OSV
added 2021/03/01 3:16 p.m., 8 views

SUSE-SU-2021:0665-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: - Update to version jdk8u282 icedtea 3.18.0 January 2021 CPU bsc1181239 Security fixes + JDK-8247619: Improve Direct Buffering of Characters CVE-2020-14803 Import of OpenJDK 8 u282 build 01 + JDK-6962725: Regtest...

5.3 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits: 0, References: 3
Ubuntu
added 2021/02/18 8:35 p.m., 114 views

USN-4740-1: Apache Shiro vulnerabilities

It was discovered that Apache Shiro mishandled specially crafted requests. An attacker could use this vulnerability to bypass authentication mechanisms...

9.8 CVSS, 8.2 AI score, 0.88599 EPSS
Exploits: 1
CNNVD
added 2021/02/18 12:0 a.m., 3 views

KollectApps Code Issue Vulnerability

kollect KollectApps is an application from the individual developers of kollect Kollect in Germany. Offers to automatically collect emails and phone numbers of people who send you contact information via inbox or comments. A security vulnerability exists in KollectApps. The vulnerability stems fr...

9.8 CVSS, 7.8 AI score, 0.01988 EPSS
Exploits: 1, References: 2
RedHat Linux
added 2021/02/16 7:39 a.m., 107 views

Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

4.3 CVSS, 6.7 AI score, 0.00164 EPSS
Exploits: 0, References: 4
NCSC
added 2021/01/21 12:0 a.m., 3 views

Vulnerability fixed in Oracle Java SE

Oracle has fixed vulnerabilities in the following Oracle Java products: Java SE JDK and JRE The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable system may be able to system data. Only applications that execute untrusted code e.g., using third-party...

5.3 CVSS, 7.1 AI score, 0.00041 EPSS
Exploits: 0
OpenVAS
added 2021/01/19 12:0 a.m., 14 views

Elastic Elasticsearch Security Information Disclosure Vulnerability (ESA-2018-19)

Elasticsearch Security is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.9 CVSS, 5.6 AI score, 0.0028 EPSS
Exploits: 0, References: 2
OSV
added 2020/12/22 9:55 a.m., 6 views

SUSE-SU-2020:14588-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 4 Fix Pack 75 bsc1180063, bsc1177943 CVE-2020-14792 CVE-2020-14797 CVE-2020-14782 CVE-2020-14781 CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803 Class Libraries: - Z/OS specific C function...

5.8 CVSS, 5.2 AI score, 0.00246 EPSS
Exploits: 0, References: 11
Tenable Nessus
added 2020/12/09 12:0 a.m., 53 views

SUSE SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2020:3310-1)

This update for java-170-openjdk fixes the following issues : Update to 2.6.24 - OpenJDK 7u281 October 2020 CPU, bsc1177943 - Security fixes + JDK-8233624: Enhance JNI linkage + JDK-8236862, CVE-2020-14779: Enhance support of Proxy class + JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts +...

5.8 CVSS, 6.2 AI score, 0.00246 EPSS
Exploits: 0, References: 18
OPENSUSE Linux
added 2020/12/07 12:0 a.m., 15 views

Security update for java-1_8_0-openjdk (important)

openSUSE Security Update: Security update for java-180-openjdk Announcement ID: openSUSE-SU-2020:2188-1 Rating: important References: 1179441 Affected Products: openSUSE Leap 15.1 An update that contains security fixes can now be installed. Description: This update for java-180-openjdk fixes the...

7.3 AI score
Exploits: 0
OSV
added 2020/12/02 8:59 a.m., 3 views

SUSE-SU-2020:3591-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: - Update to version jdk8u275 icedtea 3.17.1 JDK-8214440, bsc1179441: Fix StartTLS functionality that was broken in openjdk272. bsc1179441 JDK-8223940: Private key not supported by chosen signature algorithm JDK-8236512: PKCS11 Connectio...

7.2 AI score
Exploits: 0, References: 2
OSV
added 2020/11/30 12:0 a.m., 31 views

DLA-2471-1 libxstream-java - security update

Bulletin has no description...

9.3 CVSS, 8.2 AI score, 0.93171 EPSS
Exploits: 7
OSV
added 2020/11/27 1:25 p.m., 7 views

OPENSUSE-SU-2020:2083-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: - Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. - Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 New features + JDK-8245468: Add...

8.3 CVSS, 6 AI score, 0.01018 EPSS
Exploits: 0, References: 19
OSV
added 2020/11/20 11:41 a.m., 7 views

SUSE-SU-2020:3460-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: - Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. - Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 New features + JDK-8245468: Add...

8.3 CVSS, 6.2 AI score, 0.01018 EPSS
Exploits: 0, References: 19