Lucene search
K

17 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.7 views

SUSE CVE-2008-5350

Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted applications and applets to list the contents of the operating user's directory via unknown vectors...

5CVSS6.8AI score0.03013EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2009/11/18 12:0 a.m.45 views

GLSA-200911-02 : Sun JDK/JRE: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200911-02 Sun JDK/JRE: Multiple vulnerabilities Multiple vulnerabilities have been reported in the Sun Java implementation. Please review the CVE identifiers referenced below and the associated Sun Alerts for details. Impact : A...

10CVSS7.1AI score0.84807EPSS
Exploits54References93
Tenable Nessus
Tenable Nessus
added 2009/10/06 12:0 a.m.15 views

openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-6313)

The Sun JDK/JRE 5 was updated to Update 19 fixing various bugs and security issues. An exact list of changes published by Sun can be found on http://java.sun.com/j2se/1.5.0/ReleaseNotes.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

5.4AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2009/08/06 8:41 p.m.7 views

xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products including 1 the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; 2 the WebLogic Server component in BEA Product Suite 10.3, 10.0...

5CVSS7.3AI score0.06348EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.14 views

openSUSE Security Update : java-1_5_0-sun (java-1_5_0-sun-1017)

The Sun JDK/JRE 5 was updated to Update 19 fixing various bugs and security issues. An exact list of changes published by Sun can be found on http://java.sun.com/j2se/1.5.0/ReleaseNotes.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

5.4AI score
Exploits0References3
Prion
Prion
added 2008/12/05 11:30 a.m.19 views

Design/Logic Flaw

Multiple unspecified vulnerabilities in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the 1 JAX-WS and 2 JAXB packages...

7.5CVSS6.8AI score0.03426EPSS
Exploits1References26Affected Software2
UbuntuCve
UbuntuCve
added 2008/12/05 12:0 a.m.33 views

CVE-2008-5360

Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknow...

6.4CVSS7AI score0.03478EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2008/08/13 2:19 p.m.5 views

Java-API calls in untrusted Javascript allow network privilege escalation

Unspecified vulnerability in Sun JDK and Java Runtime Environment JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java AP...

9.3CVSS7.5AI score0.05684EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/08/13 2:19 p.m.8 views

java-1.5.0 Privilege escalation via unstrusted applet and application

Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted 1 application or 2 applet, as demonstrated by an application or applet that grants...

10CVSS5.9AI score0.02839EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2008/04/22 12:0 a.m.251 views

GLSA-200804-20 : Sun JDK/JRE: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200804-20 Sun JDK/JRE: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Sun Java: Daniel Soeder discovered that a long codebase attribute string in a JNLP file will overflow a stack variable when launched ...

10CVSS9AI score0.18185EPSS
Exploits4References29
RedHat Linux
RedHat Linux
added 2008/03/11 2:9 p.m.7 views

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.120 and earlier...

6.8CVSS6.7AI score0.18185EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/02/14 2:46 p.m.6 views

Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)

Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue...

9.3CVSS6.3AI score0.16899EPSS
Exploits1References4
Cvelist
Cvelist
added 2007/08/17 9:12 p.m.27 views

CVE-2007-4381

Unspecified vulnerability in the font parsing implementation in Sun JDK and JRE 5.0 Update 9 and earlier, and SDK and JRE 1.4.214 and earlier, allows remote attackers to perform unauthorized actions via an applet that grants certain privileges to itself...

6.3AI score0.05424EPSS
Exploits0References29
NVD
NVD
added 2007/07/11 11:30 p.m.25 views

CVE-2007-3716

The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715...

9.3CVSS9.5AI score0.03554EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2007/06/04 12:0 a.m.29 views

GLSA-200705-23 : Sun JDK/JRE: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200705-23 Sun JDK/JRE: Multiple vulnerabilities An unspecified vulnerability involving an 'incorrect use of system classes' was reported by the Fujitsu security team. Additionally, Chris Evans from the Google Security Team reporte...

10CVSS6.6AI score0.18185EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.36 views

GLSA-200702-07 : Sun JDK/JRE: Execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200702-07 Sun JDK/JRE: Execution of arbitrary code A anonymous researcher discovered that an error in the handling of a GIF image with a zero width field block leads to a memory corruption flaw. Impact : An attacker could entice a...

6.8CVSS5.7AI score0.10994EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2006/02/15 12:0 a.m.43 views

GLSA-200602-07 : Sun JDK/JRE: Applet privilege escalation

The remote host is affected by the vulnerability described in GLSA-200602-07 Sun JDK/JRE: Applet privilege escalation Applets executed using JRE or JDK can use 'reflection' APIs functions to elevate its privileges beyond the sandbox restrictions. Adam Gowdiak discovered five vulnerabilities that...

6.4CVSS6.2AI score0.05335EPSS
Exploits0References7
Rows per page
Query Builder