
10 matches found

OSV
added 2026/05/06 6:52 a.m. · 4 views

CLSA-2026-1777645704 java-17-openjdk: Fix of 2 CVEs

Update to jdk-17.0.19+10 RHSA-2026:9686 - Set fipsver to 62c0f885e30 - CVE-2026-22016: fix JAXP component vulnerability allowing unauthenticated remote attackers to gain unauthorized access to sensitive data in Java SE - CVE-2026-34282: fix Hotspot component vulnerability allowing unauthorized...

CVSS 7.5 · AI score 7.3 · EPSS 0.00154
Exploits: 0 · References: 1
RedhatCVE
added 2025/09/04 11:33 a.m. · 17 views

CVE-2025-5662

A deserialization vulnerability exists in the H2O-3 REST API POST /99/ImportSQLTable that affects all versions up to 3.46.0.7. This vulnerability allows remote code execution (RCE) due to improper validation of JDBC connection parameters when using a Key-Value format. The vulnerability is present i...

CVSS 9.8 · AI score 9.5 · EPSS 0.0284
Exploits: 0 · References: 1
Positive Technologies
added 2025/07/15 12:00 a.m. · 4 views

PT-2025-29620 · Oracle · Oracle Graalvm For Jdk +1

Name of the Vulnerable Software and Affected Versions: Oracle GraalVM for JDK version 24.0.1 Description: A difficult-to-exploit issue exists in the Oracle GraalVM for JDK product of Oracle Java SE component: Native Image. An unauthenticated attacker with network access via HTTP can compromise...

CVSS 3.7 · AI score 6.8 · EPSS 0.00288
Exploits: 0 · References: 5
OSV
added 2025/04/29 1:35 p.m. · 12 views

SUSE-SU-2025:1399-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: + CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 + CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

CVSS 7.4 · AI score 6.9 · EPSS 0.00226
Exploits: 0 · References: 7
Positive Technologies
added 2023/12/07 12:00 a.m. · 7 views

PT-2023-9571

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23 Oracle GraalVM for JDK versions 17.0.12, 21.0.4, 23 Oracle GraalVM Enterprise Edition versions 20.3.15, 21.3.11 Description The issue is related to the Serialization...

CVSS 3.7 · AI score 6.8 · EPSS 0.00096
Exploits: 0 · References: 383
NVD
added 2023/11/03 7:15 a.m. · 17 views

CVE-2023-5763

In Eclipse Glassfish 5 or 6, running with old versions of JDK lower than 6u211, or 7u201, or 8u191, allows remote attackers to load malicious code on the server via access to insecure ORB listeners...

CVSS 9.8 · AI score 7.3 · EPSS 0.00154
Exploits: 0 · References: 2
OSV
added 2023/02/14 3:30 p.m. · 19 views

GHSA-GVG3-83Q4-RFHQ Command injection in Apache Sling

Apache Sling JCR Base 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a remote location via JDN...

CVSS 7.5 · AI score 7.4 · EPSS 0.01607
Exploits: 0 · References: 6
GithubExploit
added 2022/04/02 9:13 a.m. · 546 views

Exploit for Code Injection in Vmware Spring_Framework

Spring-Core-RCE Spring Framework Remote Command Execution Vuln...

CVSS 9.8 · AI score 7.4 · EPSS 0.94439
Exploits: 100
GithubExploit
added 2022/03/30 7:07 p.m. · 300 views

Exploit for Code Injection in Vmware Spring_Cloud_Function

PoC exploit for CVE-2022-22963, a Spring Core 0day vulnerability...

CVSS 9.8 · AI score 9.9 · EPSS 0.94462
Exploits: 36
GithubExploit
added 2022/03/30 7:54 a.m. · 414 views

Exploit for Code Injection in Vmware Spring_Framework

Spring4Shell-POC CVE-2022-22965 !Spring4Shellspring4shel...

CVSS 9.8 · AI score 8.7 · EPSS 0.94439
Exploits: 100