CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

312 matches found

RedHat Linux•added 2018/04/30 4:21 p.m.•3 views

OpenJDK: unrestricted deserialization of data from JCEKS key stores (Security, 8189997)

Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java...

7.7CVSS7.3AI score0.00064EPSS

Exploits0References4

RedHat Linux•added 2018/04/23 5:24 p.m.•2 views

OpenJDK: unbounded memory allocation during deserialization in Container (AWT, 8189989)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...

5.3CVSS7.3AI score0.00179EPSS

Exploits0References4

RedHat Linux•added 2018/04/23 5:15 p.m.•2 views

OpenJDK: unrestricted deserialization of data from JCEKS key stores (Security, 8189997)

7.7CVSS7.3AI score0.00064EPSS

Exploits0References4

RedHat Linux•added 2018/04/19 6:6 p.m.•4 views

OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.1CVSS7.4AI score0.00239EPSS

Exploits0References4

RedHat Linux•added 2018/03/14 3:23 p.m.•3 views

OpenJDK: GTK library loading use-after-free (AWT, 8185325)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

6.1CVSS7.4AI score0.00162EPSS

Exploits0References4

RedHat Linux•added 2018/03/14 3:23 p.m.•0 views

OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker wit...

4.3CVSS7.3AI score0.0009EPSS

Exploits0References4

RedHat Linux•added 2018/03/07 10:33 a.m.•2 views

OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacke...

4.3CVSS7.3AI score0.0009EPSS

Exploits0References4

RedHat Linux•added 2018/02/26 9:32 p.m.•3 views

OpenJDK: GTK library loading use-after-free (AWT, 8185325)

6.1CVSS7.4AI score0.00162EPSS

Exploits0References4

RedHat Linux•added 2018/01/18 9:55 p.m.•3 views

OpenJDK: GTK library loading use-after-free (AWT, 8185325)

6.1CVSS7.4AI score0.00162EPSS

Exploits0References4

Prion•added 2018/01/18 2:29 a.m.•28 views

Design/Logic Flaw

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker...

5.1CVSS7.9AI score0.0052EPSS

Exploits0References22Affected Software16

RedHat Linux•added 2017/12/06 1:42 p.m.•0 views

OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

5.3CVSS7.4AI score0.00602EPSS

Exploits0References4

RedHat Linux•added 2017/10/23 7:44 a.m.•3 views

OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)

Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

5.3CVSS7.4AI score0.00602EPSS

Exploits0References4

RedHat Linux•added 2017/08/23 9:17 a.m.•1 views

OpenJDK: unbounded memory allocation in CodeSource deserialization (Serialization, 8174113)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker...

5.3CVSS7.4AI score0.005EPSS

Exploits0References4

RedHat Linux•added 2017/07/20 4:16 p.m.•1 views

OpenJDK: insufficient access control checks in ImageWatched (AWT, 8174098)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attac...

9.6CVSS7.4AI score0.00247EPSS

Exploits0References4

RedHat Linux•added 2017/07/20 3:59 p.m.•4 views

OpenJDK: unrestricted access to com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.00247EPSS

Exploits0References4

RedHat Linux•added 2016/07/21 10:19 a.m.•3 views

OpenJDK: insufficient restrictions on the use of custom ValueHandler (CORBA, 8079718)

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA...

4.3CVSS7.4AI score0.01892EPSS

Exploits0References5

RedHat Linux•added 2016/07/18 1:51 p.m.•1 views

OpenJDK: insufficient permission checks in StubGenerator (CORBA, 8076383)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881...

10CVSS7.3AI score0.0797EPSS

Exploits0References5

RedHat Linux•added 2016/07/18 1:51 p.m.•2 views

OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911...

5CVSS7.3AI score0.058EPSS

Exploits0References5

RedHat Linux•added 2016/07/18 1:51 p.m.•2 views

OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)

5CVSS7.3AI score0.058EPSS

Exploits0References5

RedHat Linux•added 2016/07/18 1:51 p.m.•1 views

OpenJDK: incorrect access control context used in DGCClient (RMI, 8076413)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860...

10CVSS7.3AI score0.08742EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by