CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5549 matches found

RedHat Linux•added 2019/10/17 10:0 a.m.•2 views

OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3CVSS7.4AI score0.03155EPSS

Exploits0References4

RedHat Linux•added 2019/10/17 10:0 a.m.•3 views

OpenJDK: Excessive memory allocation in CMap when reading TrueType font (2D, 8225597)

4.3CVSS7.4AI score0.03467EPSS

Exploits0References4

RedHat Linux•added 2019/10/17 10:0 a.m.•5 views

OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

3.1CVSS7.4AI score0.03362EPSS

Exploits0References4

RedHat Linux•added 2019/10/17 10:0 a.m.•4 views

OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn (Scripting, 8223518)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

5.8CVSS7.4AI score0.03328EPSS

Exploits0References4

RedHat Linux•added 2019/10/17 10:0 a.m.•2 views

OpenJDK: Out of bounds access in optimized String indexof implementation (Hotspot, 8224062)

Vulnerability in the Java SE product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of th...

5.8CVSS7.4AI score0.0252EPSS

Exploits0References4

RedHat Linux•added 2019/10/17 10:0 a.m.•5 views

OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression (JAXP, 8224532)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3CVSS7.4AI score0.03749EPSS

Exploits0References4

RedHat Linux•added 2019/10/17 9:59 a.m.•5 views

OpenJDK: Missing glyph bitmap image dimension check in FreetypeFontScaler (2D, 8225286)

Vulnerability in the Java SE product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

4.3CVSS7.4AI score0.02929EPSS

Exploits0References4

RedHat Linux•added 2019/10/17 9:59 a.m.•5 views

OpenJDK: Excessive memory allocation in CMap when reading TrueType font (2D, 8225597)

4.3CVSS7.4AI score0.03467EPSS

Exploits0References4

RedHat Linux•added 2019/10/17 9:59 a.m.•7 views

OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)

4.3CVSS7.4AI score0.03155EPSS

Exploits0References4

Veracode•added 2019/10/17 12:22 a.m.•37 views

Remote Code Execution (RCE) Via Partial Denial Of Service (DoS)

OpenJDK is vulnerable to remote code execution RCE. It is possible because it causes an unexpected exception thrown during Font object deserialization, leading to a partial denial of service DoS of Java SE. A client using a Java sandbox or using a Java web service with data supplies to APIs can b...

3.7CVSS3.6AI score0.03749EPSS

Exploits0References24Affected Software4

Tenable Nessus•added 2019/10/17 12:0 a.m.•27 views

Oracle Solaris Critical Patch Update : oct2019_SRU11_4_13_4_0

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Oracle Solaris product of Oracle Systems component: SMF services & legacy daemons. The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged...

3.6CVSS6.1AI score0.0037EPSS

Exploits0References5

CNVD•added 2019/10/17 12:0 a.m.•3 views

Unspecified Vulnerability in Oracle Solaris (CNVD-2019-38536)

Oracle Solaris is a Unix-like operating system. An unspecified vulnerability exists in the SMF services & legacy daemons component of Oracle Solaris 11. An attacker can exploit this vulnerability to unauthorized update, insert, or delete certain Oracle Solaris accessible data and cause a partial...

3.6CVSS6.4AI score0.00333EPSS

Exploits0References1

OSV•added 2019/10/16 6:15 p.m.•1 views

CVE-2019-3008

Vulnerability in the Oracle Solaris product of Oracle Systems component: LDAP Library. The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

1.8CVSS6.7AI score

Exploits0References1

OSV•added 2019/10/16 6:15 p.m.•9 views

CVE-2019-2992

3.7CVSS5.2AI score

Exploits0References22

OSV•added 2019/10/16 6:15 p.m.•4 views

DEBIAN-CVE-2019-2992

3.7CVSS5.9AI score0.03467EPSS

Exploits0References1

OSV•added 2019/10/16 6:15 p.m.•3 views

DEBIAN-CVE-2019-2987