Lucene search

K
OracleOpenjdk

98 matches found

CVE
CVE
added 2013/02/08 7:55 p.m.12947 views

CVE-2013-0169

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct disting...

2.6CVSS6.8AI score0.01098EPSS
CVE
CVE
added 2022/07/19 10:15 p.m.1297 views

CVE-2022-21540

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitab...

5.3CVSS5AI score0.00441EPSS
CVE
CVE
added 2022/07/19 10:15 p.m.1297 views

CVE-2022-21541

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exp...

5.9CVSS5.8AI score0.00186EPSS
CVE
CVE
added 2013/01/31 2:55 p.m.1073 views

CVE-2013-0431

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors related to JMX, aka "Issue 52," a different vulnerability than CVE-2013-1...

5.3CVSS8.3AI score0.91587EPSS
In wild
CVE
CVE
added 2021/04/22 10:15 p.m.791 views

CVE-2021-2163

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2....

5.3CVSS4.8AI score0.00109EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.682 views

CVE-2023-21930

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vul...

7.4CVSS7.4AI score0.00134EPSS
CVE
CVE
added 2022/07/19 6:15 p.m.599 views

CVE-2022-34169

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or ...

7.5CVSS8.2AI score0.1168EPSS
Web
CVE
CVE
added 2021/05/14 8:15 p.m.560 views

CVE-2021-3537

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest th...

5.9CVSS7AI score0.00127EPSS
In wild
CVE
CVE
added 2021/05/19 2:15 p.m.500 views

CVE-2021-3517

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this fla...

8.6CVSS8.4AI score0.00077EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.490 views

CVE-2023-21967

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vul...

5.9CVSS6.3AI score0.00076EPSS
CVE
CVE
added 2021/07/21 3:15 p.m.489 views

CVE-2021-2388

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated a...

7.5CVSS5.8AI score0.00987EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.476 views

CVE-2023-21937

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to explo...

3.7CVSS4.7AI score0.00095EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.453 views

CVE-2023-21954

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vuln...

5.9CVSS6.1AI score0.00053EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.449 views

CVE-2023-21939

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vuln...

5.3CVSS5.7AI score0.0149EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.445 views

CVE-2023-21968

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploi...

3.7CVSS4.7AI score0.00086EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.437 views

CVE-2023-21938

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...

3.7CVSS4.7AI score0.00095EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.413 views

CVE-2020-14556

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple p...

5.8CVSS4.9AI score0.00397EPSS
CVE
CVE
added 2021/07/21 3:15 p.m.412 views

CVE-2021-2341

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthe...

4.3CVSS3.8AI score0.00228EPSS
CVE
CVE
added 2022/04/19 9:15 p.m.400 views

CVE-2022-21476

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vul...

7.5CVSS7AI score0.00145EPSS
CVE
CVE
added 2021/07/21 3:15 p.m.382 views

CVE-2021-2369

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows unauthentica...

4.3CVSS4.3AI score0.00284EPSS
CVE
CVE
added 2020/10/21 3:15 p.m.372 views

CVE-2020-14803

Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of th...

5.3CVSS4.4AI score0.00046EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.370 views

CVE-2020-14577

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to c...

4.3CVSS4.4AI score0.002EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.368 views

CVE-2020-14621

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple p...

5.3CVSS5.2AI score0.00313EPSS
CVE
CVE
added 2020/10/21 3:15 p.m.366 views

CVE-2020-14798

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

3.1CVSS3.4AI score0.00247EPSS
CVE
CVE
added 2021/04/22 10:15 p.m.366 views

CVE-2021-2161

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2....

5.9CVSS5.3AI score0.00325EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.361 views

CVE-2020-14581

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocol...

4.3CVSS4AI score0.00261EPSS
CVE
CVE
added 2020/10/21 3:15 p.m.356 views

CVE-2020-14781

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple pro...

4.3CVSS3.5AI score0.00117EPSS
CVE
CVE
added 2021/10/20 11:16 a.m.356 views

CVE-2021-35550

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attac...

7.1CVSS5.8AI score0.00089EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.354 views

CVE-2020-2803

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

8.3CVSS8.2AI score0.02714EPSS
CVE
CVE
added 2024/01/16 10:15 p.m.351 views

CVE-2024-20952

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM...

7.4CVSS7.1AI score0.00347EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.350 views

CVE-2020-2830

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl...

5.3CVSS5AI score0.00151EPSS
CVE
CVE
added 2021/10/20 11:16 a.m.344 views

CVE-2021-35588

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker wi...

3.1CVSS4.2AI score0.00087EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.340 views

CVE-2020-2800

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

5.8CVSS4.9AI score0.00397EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.337 views

CVE-2020-14583

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mul...

8.3CVSS8.2AI score0.00967EPSS
CVE
CVE
added 2021/10/20 11:16 a.m.337 views

CVE-2021-35578

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker w...

5.3CVSS5.1AI score0.00109EPSS
CVE
CVE
added 2020/01/15 5:15 p.m.336 views

CVE-2020-2654

Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Succ...

4.3CVSS4.5AI score0.00162EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.336 views

CVE-2020-2754

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple proto...

4.3CVSS4.2AI score0.00158EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.334 views

CVE-2020-2757

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mul...

4.3CVSS4.2AI score0.00219EPSS
CVE
CVE
added 2021/10/20 11:16 a.m.331 views

CVE-2021-35561

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Utility). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated ...

5.3CVSS5.1AI score0.00134EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.329 views

CVE-2020-2781

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compr...

5.3CVSS5.3AI score0.00174EPSS
CVE
CVE
added 2020/10/21 3:15 p.m.327 views

CVE-2020-14779

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mul...

4.3CVSS3.7AI score0.00138EPSS
CVE
CVE
added 2021/10/20 11:16 a.m.327 views

CVE-2021-35556

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated at...

5.3CVSS5AI score0.00104EPSS
CVE
CVE
added 2020/10/21 3:15 p.m.326 views

CVE-2020-14796

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

3.1CVSS3.2AI score0.0013EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.326 views

CVE-2020-2773

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3CVSS4.2AI score0.00525EPSS
CVE
CVE
added 2022/01/19 12:15 p.m.325 views

CVE-2022-21305

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

5.3CVSS4.7AI score0.00259EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.324 views

CVE-2020-14593

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple pro...

7.4CVSS7.1AI score0.00286EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.324 views

CVE-2020-2755

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple proto...

4.3CVSS4.2AI score0.00152EPSS
CVE
CVE
added 2021/06/02 3:15 p.m.322 views

CVE-2021-3522

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.

5.5CVSS5.5AI score0.00106EPSS
CVE
CVE
added 2020/10/21 3:15 p.m.321 views

CVE-2020-14792

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple ...

5.8CVSS3.9AI score0.00183EPSS
CVE
CVE
added 2020/01/15 5:15 p.m.321 views

CVE-2020-2583

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS4.3AI score0.00281EPSS
Total number of security vulnerabilities98