Lucene search
K

50 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 9:6 p.m.58 views

Security Bulletin: TADDM 7.2.1.4: Vulnerabilities in embedded JRE.

Abstract Multiple security vulnerabilities exist in the Java Runtime Environments JREs IBM JRE 5.0 Service Release 16 or earlier, and non-IBM Java 5.0 or earlier, that can affect the security of IBM Tivoli Application Dependency Discovery Manager. Content VULNERABILITY DETAILS: CVEID: CVE-2013-14...

10CVSS9.8AI score0.85882EPSS
Exploits18Affected Software1
Saint
Saint
added 2013/04/24 12:0 a.m.55 views

Java Runtime Environment Hotspot final field vulnerability

Added: 04/24/2013 CVE: CVE-2013-2423 BID: 59162 OSVDB: 92348 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...

4.3CVSS4.8AI score0.85333EPSS
Exploits6
Saint
Saint
added 2013/04/24 12:0 a.m.42 views

Java Runtime Environment Hotspot final field vulnerability

Added: 04/24/2013 CVE: CVE-2013-2423 BID: 59162 OSVDB: 92348 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...

4.3CVSS9.5AI score0.85333EPSS
Exploits6
Saint
Saint
added 2013/04/04 12:0 a.m.63 views

Java Runtime Environment Color Management memory overwrite

Added: 04/04/2013 CVE: CVE-2013-1493 BID: 58238 OSVDB: 90737 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...

10CVSS9.8AI score0.85882EPSS
Exploits10
Saint
Saint
added 2013/04/04 12:0 a.m.56 views

Java Runtime Environment Color Management memory overwrite

Added: 04/04/2013 CVE: CVE-2013-1493 BID: 58238 OSVDB: 90737 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...

10CVSS9.8AI score0.85882EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2009/11/19 12:0 a.m.59 views

openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1541)

The Sun Java 6 SDK/JRE was updated to u17 update fixing bugs and various security issues : CVE-2009-3866:The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers...

9.3CVSS6.6AI score0.73376EPSS
Exploits20References14
Prion
Prion
added 2009/11/05 4:30 p.m.30 views

Integer overflow

Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file...

9.3CVSS7.9AI score0.09533EPSS
Exploits1References27Affected Software3
Prion
Prion
added 2009/11/05 4:30 p.m.22 views

Design/Logic Flaw

Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969...

9.3CVSS6.7AI score0.04262EPSS
Exploits1References24Affected Software3
Cvelist
Cvelist
added 2009/11/05 4:0 p.m.35 views

CVE-2009-3871

Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit AWT in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote...

7.7AI score0.06842EPSS
Exploits1References27
UbuntuCve
UbuntuCve
added 2009/11/05 12:0 a.m.40 views

CVE-2009-3875

The MessageDigest.isEqual function in Java Runtime Environment JRE in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to spoof HMAC-based digital signatures, and possibl...

5CVSS5.9AI score0.03107EPSS
Exploits1References4
Prion
Prion
added 2009/08/06 3:30 p.m.31 views

Input validation

XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service infinite loop and application hang via malformed XML input, as...

5CVSS6.6AI score0.3038EPSS
Exploits2References63Affected Software9
NVD
NVD
added 2009/08/06 3:30 p.m.38 views

CVE-2009-2625

XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service infinite loop and application hang via malformed XML input, as...

5CVSS6.6AI score0.3038EPSS
Exploits2References63
NVD
NVD
added 2009/08/05 7:30 p.m.25 views

CVE-2009-2676

Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.221 and earlier; allows remote attackers to create or modify arbitrary files via vecto...

6.8CVSS7.3AI score0.03645EPSS
Exploits1References23
Prion
Prion
added 2009/08/05 7:30 p.m.29 views

Information disclosure

The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted applets and 2 Java Web Start applications, which allows context-dependent attackers to obtain sensiti...

5CVSS6AI score0.03286EPSS
Exploits1References36Affected Software2
UbuntuCve
UbuntuCve
added 2009/08/05 12:0 a.m.41 views

CVE-2009-2672

The proxy mechanism implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted 1 applets and 2 Java Web Start applications, which allows remote attackers to hijack web sessions...

7.5CVSS6.3AI score0.04564EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/04/23 12:0 a.m.53 views

Sun Java JDK/JRE Multiple Vulnerabilities (Windows)

This host is installed with Sun Java JDK/JRE and is prone to Multiple Vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavajredosvulnwin.nasl 7699 2017-11-08 12:10:34Z santu $ Sun Java JDK/JRE Multiple Vulnerabilities Windows Authors: Sharath S Copyright: Copyright c 2009 Greenbone Networks...

10CVSS0.6AI score0.08233EPSS
Exploits0References4
Prion
Prion
added 2008/12/05 11:30 a.m.14 views

Design/Logic Flaw

Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file...

7.1CVSS6.2AI score0.0281EPSS
Exploits1References25Affected Software3
Prion
Prion
added 2008/12/05 11:30 a.m.27 views

Design/Logic Flaw

Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071...

5CVSS6.1AI score0.03013EPSS
Exploits1References26Affected Software3
Prion
Prion
added 2008/12/05 11:30 a.m.17 views

Design/Logic Flaw

Unspecified vulnerability in Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections via unknown vectors...

7.5CVSS6.2AI score0.03426EPSS
Exploits1References32Affected Software3
Prion
Prion
added 2008/12/05 11:30 a.m.21 views

Code injection

Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF an...

9CVSS6.3AI score0.05093EPSS
Exploits1References35Affected Software3
Rows per page
Query Builder