Lucene search
K
Netapp7-mode Transition Tool

75 matches found

CVE
CVE
added 2023/07/18 8:18 p.m.2915 views

CVE-2023-22045

CVE-2023-22045 affects Oracle Java SE (Hotspot) and Oracle GraalVM variants (Enterprise Edition and JDK). Affected versions include Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; GraalVM Enterprise: 20.3.10, 21.3.6, 22.3.2; GraalVM for JDK: 17.0.7, 20.0.1. The vulnerability is diffic...

3.7CVSS4.4AI score0.01164EPSS
CVE
CVE
added 2017/09/19 1:0 p.m.1562 views

CVE-2017-12615

CVE-2017-12615 affects Apache Tomcat 7.0.0–7.0.79 on Windows when HTTP PUTs are enabled (readonly=false), allowing an attacker to upload a JSP file that can be executed by the server. Connected documents confirm remote code execution via crafted requests and note remediation through vendor adviso...

8.1CVSS7.4AI score0.99607EPSS
In wild
CVE
CVE
added 2022/07/19 12:0 a.m.1366 views

CVE-2022-21540

CVE-2022-21540 applies to Oracle Java SE (Hotspot) and Oracle GraalVM Enterprise Edition; affected versions include Oracle Java SE 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1 and GraalVM EE 20.3.6, 21.3.2, 22.1.0. The connected documents provide concrete details: the vulnerability can be exploite...

5.3CVSS5AI score0.0296EPSS
CVE
CVE
added 2022/07/19 12:0 a.m.1363 views

CVE-2022-21541

CVE-2022-21541 affects Oracle Java SE (Hotspot) and Oracle GraalVM Enterprise Edition. Affected Java SE versions include 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; GraalVM EE: 20.3.6, 21.3.2, 22.1.0. The vulnerability is described as difficult to exploit but allows an unauthenticated networked ...

5.9CVSS5.8AI score0.02062EPSS
CVE
CVE
added 2022/04/19 8:37 p.m.1286 views

CVE-2022-21449

CVE-2022-21449 affects Oracle Java SE Libraries (Oracle Java SE 17.0.2, 18) and GraalVM Enterprise Edition (21.3.1, 22.0.0.2). It enables unauthenticated, network‑accessible attackers to compromise data integrity — potentially unauthorized creation, deletion or modification of data in affected Or...

7.5CVSS6.9AI score0.48235EPSS
CVE
CVE
added 2022/07/19 12:0 a.m.1111 views

CVE-2022-21549

CVE-2022-21549 affects Oracle Java SE Libraries with affected binaries: Oracle Java SE 17.0.3.1 and Oracle GraalVM Enterprise Edition 21.3.2 and 22.1.0. The entry notes network‑accessible exploitation by an unauthenticated attacker, potentially enabling unauthorized update/insert/delete of data i...

5.3CVSS5AI score0.01804EPSS
CVE
CVE
added 2017/04/06 9:0 p.m.1048 views

CVE-2016-8735

CVE-2016-8735 is a remote code execution vulnerability in Apache Tomcat via JmxRemoteLifecycleListener. Affected are Tomcat releases before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12, when JMX ports are reachable. Root cause: JmxRemoteLifecycleListe...

9.8CVSS8AI score0.90338EPSS
In wild
CVE
CVE
added 2023/04/18 7:54 p.m.773 views

CVE-2023-21930

CVE-2023-21930 affects Oracle Java SE and GraalVM Enterprise Edition (JSSE component) on Java 8u361, 11.0.18, 17.0.6, 20 and GraalVM 20.3.9/21.3.5/22.3.1. An unauthenticated attacker with network access over TLS can compromise data confidentiality and integrity; exploitation is possible via TLS h...

7.4CVSS7.4AI score0.01295EPSS
CVE
CVE
added 2022/07/19 12:0 a.m.676 views

CVE-2022-34169

CVE-2022-34169 affects the Apache Xalan Java XSLT library. It describes an integer truncation vulnerability when processing malicious XSLT stylesheets, which can corrupt Java class files generated by the internal XSLTC compiler and allow execution of arbitrary Java bytecode. Public references in ...

7.5CVSS8.2AI score0.17673EPSS
Web
CVE
CVE
added 2023/05/22 10:8 a.m.671 views

CVE-2023-28709

The CVE-2023-28709 entry is tied to Apache Tomcat and an incomplete fix for CVE-2023-24998. The issue: when non-default HTTP connector settings allow maxParameterCount to be reached via query string parameters, a request that exactly meets maxParameterCount could bypass the limit for uploaded req...

7.5CVSS7.3AI score0.51547EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.550 views

CVE-2023-21967

CVE-2023-21967 affects Oracle Java SE and GraalVM Enterprise Edition (JSSE, Swing, Hotspot, Libraries) with multiple vulnerable versions including Java 8u361, 11.0.18, 17.0.6, 20 and GraalVM 20.3.9/21.3.5/22.3.1. Root cause is unresolved issues in the Java components allowing unauthenticated netw...

5.9CVSS6.3AI score0.01523EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.547 views

CVE-2023-21937

CVE-2023-21937 is an in-scope vulnerability affecting Oracle Java SE / GraalVM Enterprise Edition (Networking, Swing, Libraries, Hotspot, JSSE, etc.) with 8u361, 11.0.18, 17.0.6, 20 and related GraalVM versions impacted. It involves NULL-character handling and related input validation issues that...

3.7CVSS4.7AI score0.01208EPSS
CVE
CVE
added 2022/04/19 8:37 p.m.541 views

CVE-2022-21426

CVE-2022-21426 affects Oracle Java SE and GraalVM Enterprise Edition, with vulnerable components in Java SE (JAXP, Libraries, Serialization) and GraalVM CE surface. Public advisories list affected versions including Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18 and GraalVM CE: 20.3.5, 21.3.1,...

5.3CVSS5.3AI score0.03203EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.529 views

CVE-2023-21954

CVE-2023-21954 (and related CVEs listed in the same advisory set) affects Oracle Java SE/OpenJDK/GraalVM Enterprise Edition components across multiple versions (e.g., 8u361, 11.0.18, 17.0.6, 20.x; Swing, Hotspot, JSSE, Libraries). The issue set comprises several distinct weaknesses (e.g., TLS han...

5.9CVSS6.1AI score0.01421EPSS
CVE
CVE
added 2023/07/18 8:18 p.m.517 views

CVE-2023-22049

CVE-2023-22049 affects Oracle Java SE and related GraalVM variants (Libraries component; and others listed) with affected versions including Oracle Java SE 8u371/8u371-perf/11.0.19/17.0.7/20.0.1; Oracle GraalVM Enterprise Edition and GraalVM for JDK versions. Exploitation is described as difficul...

3.7CVSS4.7AI score0.01316EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.509 views

CVE-2023-21939

CVE-2023-21939 affects Oracle Java SE and GraalVM Enterprise Edition Swing component across several versions (e.g., Java 8u361, 11.0.18, 17.0.6, 20; GraalVM EE 20.3.9/21.3.5/22.3.1). It is an easily exploitable, unauthenticated remote issue over HTTP that can lead to unauthorized update/insert/de...

5.3CVSS5.7AI score0.02474EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.507 views

CVE-2023-21968

CVE-2023-21968 affects Oracle Java SE and GraalVM when using the Libraries component (and related entries list Swing/JSSE/Hotspot among affected subsystems) for multiple Java versions (e.g., 8u361, 11.0.18, 17.0.6, 20; GraalVM EE 20.3.9/21.3.5/22.3.1). The vulnerability is exploitable over the ne...

3.7CVSS4.7AI score0.01036EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.500 views

CVE-2020-14556

CVE-2020-14556 and related CVEs (e.g., 14577, 14578, 14579, 14581, 14583, 14593, 14621, 14664) pertain to Oracle Java SE/OpenJDK/OpenJDK-derived runtimes across multiple components (Libraries, JSSE, 2D, JAXP, JavaFX, etc.). The primary 2020 issue affects Java SE and Java SE Embedded on various ve...

5.8CVSS4.9AI score0.03022EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.496 views

CVE-2023-21938

CVE-2023-21938 affects Oracle Java SE (Libraries, Swing, JSSE, Hotspot, JavaFX) and Oracle GraalVM Enterprise Edition across multiple components. Affected versions include Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4, 22.3.0. The vulner...

3.7CVSS4.7AI score0.01208EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.459 views

CVE-2022-21626

CVE-2022-21626 affects Oracle Java SE (components: Security and JNDI) and Oracle GraalVM Enterprise Edition, with affected Java SE versions including 8u341, 8u345-perf, 11.0.16.1 (and related GraalVM versions 20.3.7, 21.3.3, 22.2.0). The vulnerability is exploitable remotely over HTTPS (and other...

5.3CVSS5.1AI score0.01746EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.455 views

CVE-2022-21628

CVE-2022-21628 affects Oracle Java SE ( Lightweight HTTP Server) and Oracle GraalVM Enterprise Edition; affected Java SE versions include 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19 and GraalVM EE: 20.3.7, 21.3.3, 22.2.0. Description states an unauthenticated attacker with network access via HTTP ...

5.3CVSS5AI score0.02038EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.439 views

CVE-2022-21624

CVE-2022-21624 is an Oracle Java SE/GraalVM EE vulnerability in the JNDI component (also described across connected advisories) that allows unauthenticated network access to potentially update/insert/delete data. Affected products/versions include Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17....

3.7CVSS4AI score0.01401EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.436 views

CVE-2020-14621

CVE-2020-14621 details (connected data) : The vulnerability concerns Oracle Java SE/OpenJDK JAXP in Java SE/Embedded. Affected versions include Java SE: 7u261, 8u251, 11.0.7, 14.0.1; Java SE Embedded: 8u251. The issue is described as an easily exploitable flaw in the JAXP component that allows an...

5.3CVSS5.2AI score0.0435EPSS
CVE
CVE
added 2023/07/18 8:18 p.m.432 views

CVE-2023-22006

CVE-2023-22006 affects Oracle Java SE (Networking) and GraalVM variants; listed affected versions include Oracle Java SE 11.0.19, 17.0.7, 20.0.1; GraalVM EE 20.3.10, 21.3.6, 22.3.2; GraalVM for JDK 17.0.7 and 20.0.1. The vulnerability is hard to exploit and requires network access via multiple pr...

3.1CVSS4.2AI score0.00866EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.429 views

CVE-2020-14577

CVE-2020-14577 is a TLS/JSSE-related issue in Oracle Java SE and Java SE Embedded (affecting Java 7u261, 8u251, 11.0.7 and 14.0.1; Embedded 8u251) enabling unauthenticated network access to read some data. Connected advisories show vendor-specific mitigations: for example, Amazon Linux ALAS advis...

4.3CVSS4.4AI score0.03284EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.427 views

CVE-2020-14798

CVE-2020-14798 is a vulnerability in Oracle Java SE Libraries affecting Java SE versions 7u271, 8u261, 11.0.8 and 15, and Java SE Embedded 8u261. Exploitation is possible over network with multiple protocols and does not require authentication, but requires user interaction. Impact described as p...

3.1CVSS3.4AI score0.02684EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.423 views

CVE-2020-14781

CVE-2020-14781 affects Oracle Java SE/SE Embedded (JNDI) with affected versions including Java SE 7u271, 8u261, 11.0.8, 15 and Java SE Embedded 8u261. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to read a subset of Java SE/SE Embedded data. The ...

4.3CVSS3.5AI score0.02296EPSS
CVE
CVE
added 2023/07/18 8:18 p.m.421 views

CVE-2023-22041

This CVE (CVE-2023-22041) affects Oracle Java SE and Oracle GraalVM products, including: Oracle Java SE 8u371-perf, 11.0.19, 17.0.7, 20.0.1; GraalVM Enterprise 20.3.10, 21.3.6, 22.3.2; GraalVM for JDK 17.0.7 and 20.0.1. The vulnerability is exploitable by an unauthenticated attacker with a login ...

5.1CVSS5.8AI score0.00483EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.420 views

CVE-2020-14581

CVE-2020-14581 affects Oracle Java SE/Java SE Embedded (component: 2D) with affected versions Java SE: 8u251, 11.0.7, 14.0.1 and Java SE Embedded: 8u251. The CVE is listed with a low overall base score (CVSS 3.1: 3.7) and confidentiality impact (C:L) and no impact on integrity/availability (I:N/A...

4.3CVSS4AI score0.03284EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.417 views

CVE-2020-14803

CVE-2020-14803 affects Oracle Java SE Libraries in Java SE 11.0.8 and 15. The vulnerability allows an unauthenticated attacker over network to read a subset of Java SE data due to an issue in Libraries handling, per the CVSS base score 5.3 (CONF). Affected advisories across platforms corroborate ...

5.3CVSS4.4AI score0.03122EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.417 views

CVE-2022-21619

CVE-2022-21619 affects Oracle Java SE (Security) and Oracle GraalVM Enterprise Edition. Affected Java SE versions: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; GraalVM Enterprise Edition: 20.3.7, 21.3.3, 22.2.0. The vulnerability allows unauthenticated network access to compromise affected product...

3.7CVSS3.9AI score0.02376EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.415 views

CVE-2020-2803

CVE-2020-2803 affects OpenJDK (Libraries component, Java SE/OpenJDK). The connected document confirms a vulnerability in boundary checks of java.nio buffer classes that allows an untrusted Java applet/application to bypass Java sandbox restrictions. Affected versions align with the original descr...

8.3CVSS8.2AI score0.0623EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.412 views

CVE-2020-14779

CVE-2020-14779 affects Oracle Java SE SE/Embedded with Serialization and can enable an unauthenticated network-based attacker to cause partial denial of service. Affected versions include Java SE 7u271, 8u261, 11.0.8, 15 and Java SE Embedded 8u261; attack surface covers client and server deployme...

4.3CVSS3.7AI score0.03713EPSS
CVE
CVE
added 2023/07/18 8:18 p.m.411 views

CVE-2023-22036

CVE-2023-22036 is described across the primary record as vulnerability in Oracle Java SE, GraalVM (Utility) with affected versions across Oracle Java SE 11.0.19, 17.0.7, 20.0.1 and GraalVM 20.3.10, 21.3.6, 22.3.2; attackable by unauthenticated network access via multiple protocols, potentially en...

3.7CVSS4.6AI score0.01108EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.405 views

CVE-2020-2757

CVE-2020-2757 affects Oracle Java SE/SE Embedded (Serialization). Vulnerable: Java SE: 7u251, 8u241, 11.0.6, 14; SE Embedded: 8u241. Impact: unauthenticated network access leading to partial DoS on Java SE/SE Embedded. Root cause: serialization-related handling in the affected component; sandboxe...

4.3CVSS4.2AI score0.04211EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.404 views

CVE-2020-2800

CVE-2020-2800 affects Oracle Java SE/Java SE Embedded, specifically the Lightweight HTTP Server component. Affected versions include Java SE 7u251, 8u241, 11.0.6, 14 and Java SE Embedded 8u241. The vulnerability can be exploited over a network with unauthenticated access via multiple protocols, p...

5.8CVSS4.9AI score0.02879EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.403 views

CVE-2020-2830

CVE-2020-2830 affects Oracle Java SE/Java SE Embedded (Concurrency component) with Java SE versions 7u251, 8u241, 11.0.6 and 14; Java SE Embedded 8u241. The vulnerability allows unauthenticated network-based exploitation via multiple protocols, potentially enabling partial denial of service on Ja...

5.3CVSS5AI score0.04948EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.400 views

CVE-2020-2773

CVE-2020-2773 is a vulnerability in Oracle Java SE and Java SE Embedded (component: Security) that can be exploited remotely by unauthenticated attackers to cause a partial denial of service on affected Java runtimes. Affected versions include Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedde...

4.3CVSS4.2AI score0.03625EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.396 views

CVE-2020-14593

CVE-2020-14593 is a vulnerability in the 2D component of Oracle Java SE/SE Embedded. Affected: Java SE 7u261, 8u251, 11.0.7, 14.0.1; Java SE Embedded 8u251. Vulnerability type is unspecified in the provided sources, but exploitation is described as unauthenticated with network access via multiple...

7.4CVSS7.1AI score0.03864EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.394 views

CVE-2020-14583

CVE-2020-14583 affects Oracle Java SE/Java SE Embedded (Libraries component). Affected: Java SE 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded 8u251. Exploitation requires network access with user interaction and can lead to takeover of Java SE/Embedded with high impact on confidentiality, int...

8.3CVSS8.2AI score0.04029EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.390 views

CVE-2020-2781

CVE-2020-2781 concerns Oracle/OpenJDK Java SE JSSE vulnerability that allows unauthenticated network access to degrade availability in Java SE and Java SE Embedded (client/server deployment). The Chainguard data confirms affected OpenJDK JSSE components and versions, aligning with the CVE descrip...

5.3CVSS5.3AI score0.04948EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.389 views

CVE-2020-14796

CVE-2020-14796 affects the Libraries component in Oracle Java SE/Java SE Embedded across multiple OpenJDK builds (e.g., Java-7u271? Java-8u261? Java-11.0.8? Java-15; Embedded 8u261). The vulnerability can be exploited by an unauthenticated attacker over network protocols, but exploitation require...

3.1CVSS3.2AI score0.02463EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.387 views

CVE-2020-2756

CVE-2020-2756 affects Oracle Java SE/Java SE Embedded (component: Serialization). Affected: Java SE 7u251, 8u241, 11.0.6, 14; Java SE Embedded 8u241. An unauthenticated, network-exposed attacker can exploit to cause a partial Denial of Service. Connected advisories show remediation via updating t...

4.3CVSS4.2AI score0.04211EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.386 views

CVE-2020-14579

CVE-2020-14579 affects Oracle Java SE/Embedded (Libraries component) with affected Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. The connected advisories confirm network-remote, unauthenticated access leading to a partial denial of service via multiple protocols, per CVSS 3.1 Base Score 3.7 ...

4.3CVSS4.3AI score0.04044EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.385 views

CVE-2020-14792

CVE-2020-14792 is an Oracle Java OpenJDK vulnerability affecting Java SE and Embedded runtimes (Hotspot/Libraries components) with the root issue described as “Better range handling.” Affected versions include Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. The connected advisories...

5.8CVSS3.9AI score0.02203EPSS
CVE
CVE
added 2022/01/19 11:23 a.m.382 views

CVE-2022-21305

CVE-2022-21305 is present across multiple Oracle Java SE and GraalVM Enterprise Edition components (Hotspot, Serialization, JAXP, ImageIO, Libraries, 2D/3D) affecting Java versions 7u321, 8u311, 11.0.13, 17.0.1 (and GraalVM EE 20.3.4/21.3.0). Public advisories describe unauthenticated network-bas...

5.3CVSS4.7AI score0.02755EPSS
CVE
CVE
added 2022/01/19 11:23 a.m.381 views

CVE-2022-21299

CVE-2022-21299 is reported across multiple feeds as affecting Oracle Java SE and GraalVM Enterprise Edition, involving several components (JAXP, Serialization, Libraries, ImageIO, Hotspot, 2D). Affected Java SE versions include 7u321, 8u311, 11.0.13, 17.0.1; GraalVM EE versions 20.3.4 and 21.3.0....

5.3CVSS4.9AI score0.03458EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.379 views

CVE-2020-2755

CVE-2020-2755 is reported in the Oracle Java SE scripting component affecting Java SE 8u241, 11.0.6 and 14 (and Java SE Embedded 8u241). The vulnerability allows an unauthenticated attacker with network access to cause a partial denial of service in Java SE/Java SE Embedded. The CVSS base score i...

4.3CVSS4.2AI score0.03899EPSS
CVE
CVE
added 2022/01/19 11:22 a.m.379 views

CVE-2022-21248

CVE-2022-21248 affects Oracle Java SE and GraalVM Enterprise Edition via the Serialization component. Affected Oracle Java SE versions: 7u321, 8u311, 11.0.13, 17.0.1; GraalVM Enterprise Edition: 20.3.4 and 21.3.0. The vulnerability is exploitable over the network and allows an unauthenticated att...

4.3CVSS3.8AI score0.03763EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.377 views

CVE-2020-2805

CVE-2020-2805 is an OpenJDK/OpenJDK Libraries issue. The connected Chainguard entry states the flaw resides in the readObject() method of the MethodType class within the Libraries component of OpenJDK, which can allow an untrusted Java applet or application to bypass Java sandbox restrictions. Th...

8.3CVSS8.2AI score0.04051EPSS
Total number of security vulnerabilities75