CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that contain cross-site scripting XSS vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.00874EPSS

Exploits1References3

SUSE CVE•added 2023/02/15 6:6 a.m.•3 views

SUSE CVE-2008-5350

Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted applications and applets to list the contents of the operating user's directory via unknown vectors...

5CVSS6.8AI score0.01668EPSS

Exploits1References10

Github Security Blog•added 2022/05/02 3:13 a.m.•38 views

Apache XML Security For Java vulnerable to authentication bypass by HMAC truncation

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in multiple products. The Apache XML Security Java is affected by the vulnerability published in US-Cert VU 466161. See: http://www.kb.cert.org/vuls/id/466161 for more information. This bug can allow ...

5CVSS0.5AI score0.0222EPSS

Exploits0References29Affected Software1

canvas•added 2011/02/17 7:0 p.m.•41 views

Immunity Canvas: CVE_2010_4452

Name| CVE20104452 ---|--- CVE| CVE-2010-4452 Exploit Pack| CANVAS Description| CVE20104452 Notes| CVE Name: CVE-2010-4452 VENDOR: Oracle NOTES: This exploit will work against Java plugin bundled with Oracle/SUN JDK/JRE = 6 Update 23. Target operating systems are Windows all versions and Ubuntu...

10CVSS0.3AI score0.84896EPSS

Exploits11

Symantec•added 2010/10/12 12:0 a.m.•34 views

Oracle Java SE and Java for Business CVE-2010-3552 Remote New Java Plug-in Vulnerability

Description Oracle Java SE and Java for Business are prone to a remote vulnerability in the Java plug-in for Internet Explorer. An attacker can exploit this vulnerability by using a malicious webpage. Due to a buffer overflow, it is possible for an attacker to execute arbitrary code in the contex...

10CVSS0.7AI score0.82947EPSS

Exploits8References1Affected Software9

Tenable Nessus•added 2010/05/11 12:0 a.m.•38 views

RHEL 4 / 5 : java-1.5.0-sun (RHSA-2010:0338)

The java-1.5.0-sun packages as shipped in Red Hat Enterprise Linux 4 Extras and 5 Supplementary contain security flaws and should not be used. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which...

9.8CVSS8.2AI score0.92077EPSS

Exploits46References52

Symantec•added 2010/03/30 12:0 a.m.•41 views

Oracle Java SE and Java for Business CVE-2010-0094 Remote Java Runtime Environment Vulnerability

Description Oracle Java SE and Java for Business are prone to a remote vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. An attacker does not require privileges to exploit this vulnerability. This vulnerability affects the following supported...

7.5CVSS0.8AI score0.86987EPSS

Exploits5References2Affected Software30

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by