CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2018/01/18 9:55 p.m.•7 views

OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker wit...

4.3CVSS7.3AI score0.04706EPSS

OSV•added 2018/01/18 2:29 a.m.•4 views

CVE-2018-2637

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker wi...

7.4CVSS7.3AI score0.04649EPSS

Exploits0References22

OSV•added 2018/01/18 2:29 a.m.•4 views

CVE-2018-2582

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...

6.5CVSS7.3AI score0.04767EPSS

Exploits0References15

Positive Technologies•added 2018/01/18 12:0 a.m.•3 views

PT-2018-15803 · Oracle +4 · Jrockit +7

Name of the Vulnerable Software and Affected Versions: Java SE versions 6u181, 7u161, and 8u152 Java SE Embedded version 8u152 JRockit version R28.3.17 Description: The issue allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, and...

8.3CVSS5.4AI score0.15528EPSS

Exploits0References108

RedHat Linux•added 2018/01/17 5:33 p.m.•1 views

OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)

6.5CVSS7.3AI score0.04767EPSS

RedHat Linux•added 2018/01/17 5:33 p.m.•2 views

OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)

4.3CVSS7.4AI score0.04706EPSS

CNVD•added 2018/01/17 12:0 a.m.•1 views

Unspecified Vulnerability in Oracle Java SE, Java SE Embedded and Jrockit

Oracle Java SE, Java SE Embedded, and JRockit are products of Oracle Corporation. Java SE Java Platform Standard Edition is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments; Java SE Embedded is a Java platform for developing...

8.3CVSS9.1AI score0.05688EPSS

CNVD•added 2018/01/17 12:0 a.m.•3 views

Unspecified Vulnerability in Oracle Java SE, Java SE Embedded and Jrockit (CNVD-2018-02238)

7.4CVSS9.2AI score0.04649EPSS

CNVD•added 2018/01/17 12:0 a.m.•2 views

Unspecified Vulnerability in Oracle Java SE, Java SE Embedded and Jrockit (CNVD-2018-02243)

4.3CVSS9.1AI score0.04706EPSS

CNVD•added 2018/01/17 12:0 a.m.•2 views

Unspecified Vulnerability in Oracle Java SE and Java SE Embedded (CNVD-2018-02211)

Oracle Java SE and Java SE Embedded are both products of Oracle Corporation. Java SE Java Platform Standard Edition is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments; Java SE Embedded is a Java platform for embedded system...

6.8CVSS9.2AI score0.04562EPSS

CNVD•added 2018/01/17 12:0 a.m.•2 views

Unspecified Vulnerability in Oracle Java SE and Java SE Embedded (CNVD-2018-02213)

Oracle Java SE is a standard version of Oracle's Java platform for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. both Java SE and Java SE Embedded are components of Java SE Embedded is a Java platform for embedded systems. Java...

6.1CVSS9.1AI score0.0514EPSS

OSV•added 2018/01/17 12:0 a.m.•1 views

UBUNTU-CVE-2018-2633

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker...

8.3CVSS6.7AI score0.05688EPSS

OSV•added 2018/01/17 12:0 a.m.•1 views

UBUNTU-CVE-2018-2582

6.5CVSS6.7AI score0.04767EPSS

Exploits0References3

OSV•added 2018/01/17 12:0 a.m.•0 views

UBUNTU-CVE-2018-2599

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker...

4.8CVSS6.6AI score0.04189EPSS

Cvelist•added 2017/12/28 3:0 p.m.•38 views

CVE-2017-5641

Previous versions of Apache Flex BlazeDS 4.7.2 and earlier did not restrict which types were allowed for AMFX object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such...

9.7AI score0.21274EPSS

Exploits4References8

RedHat Linux•added 2017/12/13 4:48 p.m.•3 views

OpenJDK: insufficient access control checks in ThreadPoolExecutor (Libraries, 8172204)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

RedHat Linux•added 2017/12/13 4:48 p.m.•2 views

OpenJDK: insufficient access control checks in AsynchronousChannelGroupImpl (8172465, Libraries)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...

RedHat Linux•added 2017/12/13 4:48 p.m.•2 views

OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

RedHat Linux•added 2017/12/13 4:48 p.m.•3 views

OpenJDK: unrestricted access to com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)