Lucene search
K
NetappOncommand Shift

64 matches found

CVE
CVE
added 2017/10/19 5:0 p.m.197 views

CVE-2017-10293

CVE-2017-10293 is a vulnerability in the Oracle Java SE Javadoc component affecting Java SE versions 6u161, 7u151, 8u144, and 9. It permits an unauthenticated attacker with network access via HTTP to potentially read and modify Java data and read data, with user interaction required for exploitat...

6.1CVSS6.1AI score0.01489EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.195 views

CVE-2017-10176

CVE-2017-10176 affects Oracle Java SE/SE Embedded/JRockit (OpenJDK/OpenJDK components) with affected releases including Java SE 7u141 and 8u131, SE Embedded 8u131, JRockit R28.3.14. The vulnerability enables an unauthenticated network attacker to access or take data via multiple protocols and can...

7.5CVSS7AI score0.05034EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.190 views

CVE-2017-10114

CVE-2017-10114 affects the Java SE/JavaFX component; specifically Java SE 7u141 and 8u131. The vulnerability is described as difficult to exploit, requiring network access via multiple protocols and user interaction, with potential takeover of Java SE and possible impact on other products relying...

8.3CVSS8.5AI score0.0229EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.185 views

CVE-2017-10118

CVE-2017-10118 affects Oracle Java SE/JRockit/JCE with a timing-channel vulnerability in ECDSA within the JCE component. A remote attacker could potentially recover private keys by observing timing differences, enabling unauthenticated network-remote exploitation on affected OpenJDK/JRockit confi...

7.5CVSS7AI score0.02972EPSS
CVE
CVE
added 2018/01/18 2:0 a.m.185 views

CVE-2018-2638

CVE-2018-2638 is addressed in IBM product advisories for IBM Netezza and IBM InfoSphere Optim. The IBM Netezza Platform Software requires upgrading to 11.2.1.2 (Fix Central link provided in the bulletin). Separately, IBM InfoSphere Optim solutions (11.3.0) should apply fix pack 11.3.0.7 to mitiga...

8.3CVSS8AI score0.03328EPSS
CVE
CVE
added 2017/08/11 2:0 a.m.184 views

CVE-2016-6796

CVE-2016-6796 affects Apache Tomcat across multiple lines: a malicious web application could bypass the SecurityManager by manipulating the configuration parameters for the JSP Servlet. Affected versions include Tomcat 9.0.0.M1–9.0.0.M9, 8.5.0–8.5.4, 8.0.0.RC1–8.0.36, 7.0.0–7.0.70, and 6.0.0–6.0....

7.5CVSS8.4AI score0.08321EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.184 views

CVE-2017-10111

CVE-2017-10111 affects Oracle Java OpenJDK’s Libraries component (Java SE). The connected advisories confirm vulnerable versions include Java SE 8u131 and Java SE Embedded 8u131, with exploitation described as arbitrary code execution via the LambdaFormEditor bounds checks in the Libraries, enabl...

9.6CVSS9AI score0.02132EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.183 views

CVE-2017-10105

CVE-2017-10105 is a vulnerability in the Oracle Java SE Deployment component affecting Java SE 6u151, 7u141, and 8u131. The connected CHAINGUARD entry confirms a vulnerability in Oracle Java SE Deployment with unspecified root cause and a potential impact to data integrity, but does not provide p...

4.3CVSS4.4AI score0.01913EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.168 views

CVE-2017-10125

CVE-2017-10125 is described in the initial document as a vulnerability in the Oracle Java SE Deployment component affecting Java SE 7u141 and 8u131. The impact is stated as potentially allowing takeover of Java SE, with CVSS 3.0/3.1 metrics indicating a physical access prerequisite (HPC: PHYSICAL...

7.1CVSS7.6AI score0.0063EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.166 views

CVE-2017-10086

CVE-2017-10086 affects Oracle Java SE (JavaFX) in Java 7u141 and 8u131. Descriptions indicate an easily exploitable, network-accessible vulnerability that can be exploited with no authentication and user interaction, potentially leading to takeover of Java SE. The connected documents cite this CV...

9.6CVSS9AI score0.02132EPSS
CVE
CVE
added 2018/01/18 2:0 a.m.157 views

CVE-2018-2627

CVE-2018-2627 : Vulnerability in the Oracle Java SE component (Installer) for Windows installer only. Affected: Java SE 8u152 and 9.0.1. Exploitation is described as difficult and requires a logged-on, low-privilege user with user interaction; successful exploitation could lead to takeover of Jav...

7.5CVSS7.4AI score0.00491EPSS
CVE
CVE
added 2018/01/18 2:0 a.m.156 views

CVE-2018-2581

CVE-2018-2581 affects Oracle Java SE (JavaFX) with Java SE versions 7u161, 8u152, and 9.0.1. An unauthenticated attacker with network access via multiple protocols can read a subset of Java SE data; exploitation requires user interaction. The issue is tied to JavaFX within client deployments (Web...

4.7CVSS4.4AI score0.02541EPSS
CVE
CVE
added 2016/09/21 1:0 a.m.119 views

CVE-2015-8960

The CVE-2015-8960 entry concerns TLS protocol versions 1.2 and earlier. The root cause is that certain ClientCertificateType values (rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, ecdsa_fixed_ecdh) are supported but the protocol does not document the ability to compute the master secret in scenarios...

8.1CVSS7.8AI score0.01947EPSS
CVE
CVE
added 2017/03/14 9:2 a.m.90 views

CVE-2016-8747

The CVE-2016-8747 issue affects Apache Tomcat 8.5.7–8.5.9 and 9.0.0.M11–9.0.0.M15 in reverse-proxy configurations, where Http11InputBuffer.java can let a remote attacker read data belonging to a different request. The underlying problem is an information-disclosure vulnerability in the Tomcat rev...

7.5CVSS7AI score0.07179EPSS
Total number of security vulnerabilities64