Lucene search
+L

134 matches found

RedhatCVE
RedhatCVE
added 2019/11/06 10:21 a.m.48 views

CVE-2017-10356

It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store...

6.2CVSS2.4AI score0.00754EPSS
Exploits0References1
Veracode
Veracode
added 2019/05/02 5:20 a.m.31 views

Sandbox Restrictions Bypass

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to...

5.9CVSS6.7AI score0.14714EPSS
Exploits0References29Affected Software5
Tenable Nessus
Tenable Nessus
added 2017/12/26 12:0 a.m.47 views

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2017-936)

It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. CVE-2017-10198 Vulnerabilit...

9.6CVSS6.6AI score0.16181EPSS
Exploits2References17
Amazon
Amazon
added 2017/12/20 12:0 a.m.89 views

Critical: java-1.7.0-openjdk

Issue Overview: It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms...

9.6CVSS8.1AI score0.16181EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2017/11/01 12:0 a.m.43 views

EulerOS 2.0 SP2 : java-1.8.0-openjdk (EulerOS-SA-2017-1255)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these...

9.6CVSS6.7AI score0.16181EPSS
Exploits2References15
RedHat Linux
RedHat Linux
added 2017/10/24 12:9 p.m.5 views

OpenJDK: weak protection of key stores against brute forcing (Security, 8181692)

It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store...

6.2CVSS7.3AI score0.00754EPSS
Exploits0References4
Kitploit
Kitploit
added 2017/07/29 10:51 p.m.66 views

JKS Private Key Cracker - Cracking passwords of private key entries in a JKS file

The Java Key Store JKS is the Java way of storing one or several cryptographic private and public keys for asymmetric cryptography in a file. While there are various key store formats, Java and Android still default to the JKS file format. JKS is one of the file formats for Java key stores, but J...

7.1AI score
Exploits0References9
OpenVAS
OpenVAS
added 2016/02/11 12:0 a.m.33 views

Amazon Linux: Security Advisory (ALAS-2016-647)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.7AI score0.14714EPSS
Exploits0References2
Amazon
Amazon
added 2016/02/09 12:0 a.m.63 views

Important: java-1.8.0-openjdk

Issue Overview: An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass...

10CVSS8.3AI score0.14714EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2016/02/02 1:39 p.m.6 views

OpenJDK: PBE incorrect key lengths (Libraries, 8138589)

It was discovered that the password-based encryption PBE implementation in the Libraries component in OpenJDK used an incorrect key length. This could, in certain cases, lead to generation of keys that were weaker than expected...

5.8CVSS7.2AI score0.03663EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/01/21 11:38 a.m.4 views

OpenJDK: PBE incorrect key lengths (Libraries, 8138589)

It was discovered that the password-based encryption PBE implementation in the Libraries component in OpenJDK used an incorrect key length. This could, in certain cases, lead to generation of keys that were weaker than expected...

5.8CVSS7.2AI score0.03663EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/01/21 12:0 a.m.308 views

Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20160120) (SLOTH)

An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox...

10CVSS8.1AI score0.14714EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2016/01/20 7:30 p.m.6 views

OpenJDK: PBE incorrect key lengths (Libraries, 8138589)

It was discovered that the password-based encryption PBE implementation in the Libraries component in OpenJDK used an incorrect key length. This could, in certain cases, lead to generation of keys that were weaker than expected...

5.8CVSS7.2AI score0.03663EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/01/20 7:14 p.m.6 views

OpenJDK: PBE incorrect key lengths (Libraries, 8138589)

It was discovered that the password-based encryption PBE implementation in the Libraries component in OpenJDK used an incorrect key length. This could, in certain cases, lead to generation of keys that were weaker than expected...

5.8CVSS7.2AI score0.03663EPSS
Exploits0References5
Rows per page
Query Builder