CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1373 matches found

CVE•added 2018/04/19 2:0 a.m.•240 views

CVE-2018-2796

CVE-2018-2796 causes unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency) in Oracle/OpenJDK Java SE. Affected: Java SE/Embedded and JRockit components with Java 7u171, 8u162 and 10, plus related JDK/JRE packages (e.g., OpenJDK builds) per the CVE references. I...

5.3CVSS5AI score0.07708EPSS

Exploits0References26Affected Software2

Cvelist•added 2018/04/19 2:0 a.m.•23 views

CVE-2018-2783

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with...

7.1AI score0.03853EPSS

Exploits0References16

Debian CVE•added 2018/04/19 2:0 a.m.•20 views

CVE-2018-2798

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...

5.3CVSS4AI score0.0872EPSS

Exploits0

Debian CVE•added 2018/04/19 2:0 a.m.•27 views

CVE-2018-2815

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attack...

5.3CVSS3.9AI score0.05391EPSS

Exploits0

UbuntuCve•added 2018/04/18 12:0 a.m.•31 views

CVE-2018-2795

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker wi...

5.3CVSS6.2AI score0.0872EPSS

Exploits0References4

CNVD•added 2018/04/18 12:0 a.m.•2 views

Unspecified Vulnerability in Oracle Java SE and Java SE Embedded (CNVD-2018-09067)

Java SE is short for Java Platform Standard Edition, which is used to develop and deploy Java applications for desktops, servers, as well as embedded devices and real-time environments.Java SE Embedded is based on Java SE and provides specific features and support for embedded systems. An...

3.1CVSS8.9AI score0.05095EPSS

Exploits0References1

OSV•added 2018/04/18 12:0 a.m.•1 views

UBUNTU-CVE-2018-2796

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...

5.3CVSS6.1AI score0.07708EPSS

Exploits0References5

OSV•added 2018/04/18 12:0 a.m.•0 views

UBUNTU-CVE-2018-2815

5.3CVSS6.1AI score0.05391EPSS

Exploits0References5

OSV•added 2018/04/18 12:0 a.m.•1 views

UBUNTU-CVE-2018-2783

7.4CVSS6.3AI score0.03853EPSS

Exploits0References4

OSV•added 2018/04/18 12:0 a.m.•1 views

UBUNTU-CVE-2018-2814

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

8.3CVSS6.2AI score0.04195EPSS

Exploits0References5

OSV•added 2018/04/18 12:0 a.m.•0 views

UBUNTU-CVE-2018-2790

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.1CVSS6.1AI score0.05095EPSS

Exploits0References5

Positive Technologies•added 2018/04/18 12:0 a.m.•8 views

PT-2018-15813 · Oracle +5 · Java Se +8

Name of the Vulnerable Software and Affected Versions: Java SE versions 7u171, 8u162 and 10 Java SE Embedded version 8u161 JRockit version R28.3.17 Description: Easily exploitable issue allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE...

9.8CVSS6.8AI score0.95707EPSS

Exploits27References352

Kaspersky•added 2018/04/17 12:0 a.m.•2313 views

KLA11234 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit

Multiple serious vulnerabilities have been found in Oracle products. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information, cause denial of service and perform unspecified attacks. Below is a complete list of...

8.3CVSS7.5AI score0.15528EPSS

Exploits0References6

RedHat Linux•added 2018/03/07 10:33 a.m.•6 views

OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker wit...

4.3CVSS7.3AI score0.04706EPSS

Exploits0References4

RedHat Linux•added 2018/02/26 10:27 p.m.•2 views

OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacke...

4.3CVSS7.3AI score0.04706EPSS

Exploits0References4

RedHat Linux•added 2018/02/26 9:37 p.m.•2 views

OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...

6.5CVSS7.3AI score0.04767EPSS

Exploits0References4

RedHat Linux•added 2018/02/26 9:37 p.m.•4 views

OpenJDK: GTK library loading use-after-free (AWT, 8185325)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

6.1CVSS7.4AI score0.0514EPSS

Exploits0References4

RedHat Linux•added 2018/01/18 9:55 p.m.•5 views

OpenJDK: GTK library loading use-after-free (AWT, 8185325)

6.1CVSS7.4AI score0.0514EPSS

Exploits0References4

RedHat Linux•added 2018/01/18 9:55 p.m.•4 views

OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)

6.5CVSS7.3AI score0.04767EPSS

Exploits0References4

RedHat Linux•added 2018/01/18 9:55 p.m.•3 views

OpenJDK: GTK library loading use-after-free (AWT, 8185325)