CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1373 matches found

RedHat Linux•added 2018/04/23 5:15 p.m.•4 views

OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...

5.3CVSS7.3AI score0.07708EPSS

Exploits0References4

RedHat Linux•added 2018/04/19 6:6 p.m.•5 views

OpenJDK: unbounded memory allocation during deserialization in NamedNodeMapImpl (JAXP, 8189993)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network...

5.3CVSS7.1AI score0.15528EPSS

Exploits0References4

OSV•added 2018/04/19 2:29 a.m.•3 views

CVE-2018-2815

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attack...

5.3CVSS6.7AI score0.05391EPSS

Exploits0References22

NVD•added 2018/04/19 2:29 a.m.•17 views

CVE-2018-2814

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

8.3CVSS8.2AI score0.04195EPSS

Exploits0References22

OSV•added 2018/04/19 2:29 a.m.•2 views

CVE-2018-2798

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...

5.3CVSS5.8AI score0.0872EPSS

Exploits0References28

NVD•added 2018/04/19 2:29 a.m.•15 views

CVE-2018-2783

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with...

7.4CVSS6.9AI score0.03853EPSS

Exploits0References16

Prion•added 2018/04/19 2:29 a.m.•26 views

Design/Logic Flaw

5.8CVSS6.7AI score0.03853EPSS

Exploits0References16Affected Software8

Prion•added 2018/04/19 2:29 a.m.•22 views

Design/Logic Flaw

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker wi...

5CVSS4.8AI score0.0872EPSS

Exploits0References28Affected Software13

Prion•added 2018/04/19 2:29 a.m.•19 views

Design/Logic Flaw

5CVSS4.8AI score0.07708EPSS

Exploits0References26Affected Software13

Prion•added 2018/04/19 2:29 a.m.•21 views

Design/Logic Flaw

5CVSS4.8AI score0.15528EPSS

Exploits0References29Affected Software14

Prion•added 2018/04/19 2:29 a.m.•12 views

Design/Logic Flaw

5.1CVSS8AI score0.04195EPSS

Exploits0References22Affected Software11

Prion•added 2018/04/19 2:29 a.m.•19 views

Design/Logic Flaw

5CVSS4.8AI score0.05391EPSS

Exploits0References22Affected Software12

Prion•added 2018/04/19 2:29 a.m.•27 views

Design/Logic Flaw

5CVSS4.8AI score0.0872EPSS

Exploits0References28Affected Software13

Prion•added 2018/04/19 2:29 a.m.•17 views

Design/Logic Flaw

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...

5CVSS4.8AI score0.0872EPSS

Exploits0References28Affected Software13

Vulnrichment•added 2018/04/19 2:0 a.m.•14 views

CVE-2018-2795

5.9AI score0.0872EPSS

Exploits0References28

Vulnrichment•added 2018/04/19 2:0 a.m.•6 views

CVE-2018-2815

4.4AI score0.05391EPSS

Exploits0References22

CVE•added 2018/04/19 2:0 a.m.•292 views

CVE-2018-2798

CVE-2018-2798 affects Oracle Java/OpenJDK with the AWT component (and related JRE/JDK bundles). The connected advisories describe an issue: unbounded memory allocation during deserialization in the Container (AWT) path, enabling potentially unauthenticated network-accessed exploitation. Public di...

5.3CVSS5AI score0.0872EPSS

Exploits0References28Affected Software2

CVE•added 2018/04/19 2:0 a.m.•252 views

CVE-2018-2815

CVE-2018-2815 is a deserialization flaw in Oracle Java SE, Java SE Embedded, and JRockit (Serialization component) that can be exploited over network without authentication to cause a partial denial of service. Affected are Java SE 6u181, 7u171, 8u162, 10; Java SE Embedded 8u161; JRockit R28.3.17...

5.3CVSS4.9AI score0.05391EPSS

Exploits0References22Affected Software2

CVE•added 2018/04/19 2:0 a.m.•278 views

CVE-2018-2814

CVE-2018-2814 affects Java SE/Java SE Embedded (Hotspot). Affected: Java SE 6u181, 7u171, 8u162, 10; Java SE Embedded 8u161. The vulnerability allows network-based, unauthenticated access to compromise Java SE/Embedded with user interaction required, potentially leading to takeover. Underlying is...

8.3CVSS8.1AI score0.04195EPSS

Exploits0References22Affected Software2

CVE•added 2018/04/19 2:0 a.m.•244 views

CVE-2018-2797

CVE-2018-2797 (OpenJDK/OpenJDK for Java SE/Java SE Embedded/JRockit; subcomponent: JMX) concerns unbounded memory allocation during deserialization in the JMX-related path, enabling a network-exposed attacker to cause a partial denial of service. Public advisories and vendor pages (CentOS CESA-20...

5.3CVSS5AI score0.0872EPSS

Exploits0References28Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by