392 matches found

CVE | added 2013/02/02 12:0 a.m. | 568 views

CVE-2013-0424

CVE-2013-0424 is an unspecified vulnerability in the Java Runtime Environment (JRE) component affecting Oracle Java SE 7 up to Update 11, 6 up to Update 38, 5.0 up to Update 38, and 1.4.2_40 and earlier, plus OpenJDK 7. The issue relates to RMI and could allow remote attackers to affect integrity...

CVSS 5 | AI score 8 | EPSS 0.04795

CVE | added 2012/05/03 6:17 p.m. | 477 views

CVE-2012-0551

Technical details for CVE-2012-0551 are not publicly available in the provided documents; no affected products, root cause, impact, or fixes are described here. Monitor for updates.

CVSS 5.8 | AI score 5.3 | EPSS 0.11515

CVE | added 2013/03/04 4:0 p.m. | 455 views

CVE-2013-0809

CVE-2013-0809 is an integer overflow vulnerability in the 2D ImagingLib component of Oracle Java (paired with CVE-2013-1493). Exploitation could allow a remote attacker to achieve arbitrary code execution by enticing a user to visit a malicious page; affected are Java releases up to Oracle JDK/JR...

CVSS 10 | AI score 9.2 | EPSS 0.10554

CVE | added 2013/04/17 3:0 p.m. | 434 views

CVE-2013-2429

CVE-2013-2429 is an unspecified vulnerability in the Java Runtime Environment’s ImageIO component, affecting Oracle Java SE 7u17 and earlier, Java SE 6u43 and earlier, Java SE 5.0u41 and earlier, and OpenJDK 6/7. It allows remote attackers to compromise confidentiality, integrity, and availabilit...

CVSS 7.6 | AI score 8 | EPSS 0.05616

CVE | added 2012/10/16 9:29 p.m. | 417 views

CVE-2012-1533

CVE-2012-1533 is an unspecified vulnerability in the JRE components shipped with Java SE 7u7 and earlier and Java SE 6u35 and earlier, allowing remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. In IBM Rational Functional Tester cont...

CVSS 10 | AI score 5.6 | EPSS 0.68532

CVE | added 2013/03/04 4:0 p.m. | 395 views

CVE-2013-1493

CVE-2013-1493 affects Oracle Java SE 7 (and older Java 6/5 branches) where the 2D color management (CMM) component can be triggered via crafted image raster parameters, causing an out-of-bounds read or memory corruption in the JVM and enabling remote code execution or crash. Exploitation in the w...

CVSS 10 | AI score 9.3 | EPSS 0.85882

CVE | added 2013/04/17 3:0 p.m. | 382 views

CVE-2013-2383

CVE-2013-2383 is a glyph-table vulnerability in the ICU library (ICU component). Debian advisories (DSA-3187-1 / DLA-219-1) enumerate CVE-2013-2383 among related ICU issues and note fixes: for the Debian Wheezy (stable) release, ICU was fixed in version 4.8.1.1-12+deb7u2, and future (Jessie/sid) ...

CVSS 10 | AI score 8.4 | EPSS 0.08614

CVE | added 2013/04/17 3:0 p.m. | 380 views

CVE-2013-2419

CVE-2013-2419 relates to the ICU library and is labeled as a font processing issue. The connected Debian advisories show it among several ICU CVEs and indicate fixes in ICU package updates: for Debian Wheezy (stable) in icu 4.8.1.1-12+deb7u2, and for Jessie/sid in icu 52.1-7.1. The DLA-219-1 and ...

CVSS 5 | AI score 8.4 | EPSS 0.22753

CVE | added 2013/02/02 12:0 a.m. | 379 views

CVE-2013-0440

CVE-2013-0440 is an unspecified vulnerability in the Java Runtime Environment affecting availability via JSSE. It impacts Oracle Java SE 7 (up to 11), 6 (up to 38), 5.0 (up to 38), and 1.4.2_40 and earlier, as well as OpenJDK 7. The issue is tied to the February 2013 CPU and has been referenced a...

CVSS 5 | AI score 7.5 | EPSS 0.05532

CVE | added 2013/02/02 12:0 a.m. | 376 views

CVE-2013-1478

CVE-2013-1478 is an unspecified vulnerability in the Java Runtime Environment (JRE) affecting Oracle Java SE 7 up to Update 11, OpenJDK 6/7, and older JREs, with vectors related to 2D. Disclosures describe an issue where an attacker could craft a harmful java.awt.image.Raster object to trigger me...

CVSS 10 | AI score 8.2 | EPSS 0.07634

CVE | added 2013/04/17 3:0 p.m. | 371 views

CVE-2013-2384

CVE-2013-2384 is a font layout issue in the International Components for Unicode (ICU) library. Connected advisories indicate the problem affected ICU components as shipped in Linux distributions (e.g., icu in Debian stable/wheezy and in newer Debian releases). The Debian security entries list CV...

CVSS 10 | AI score 8.4 | EPSS 0.08614

CVE | added 2012/10/16 9:29 p.m. | 369 views

CVE-2012-5081

CVE-2012-5081 is an unspecified vulnerability in the Java Runtime Environment (JRE) JSSE component, linked to remote unavailability impacts. The F5 advisory maps this CVE to Oracle Java SE 7/6/5 and OpenJDK 1.4.x-era releases, stating that affected BIG-IP/ARX/EM products may be vulnerable and rec...

CVSS 5 | AI score 7 | EPSS 0.45113

CVE | added 2013/04/17 3:0 p.m. | 369 views

CVE-2013-1569

CVE-2013-1569 is a glyph table issue in the ICU library (Unicode components). Connected sources confirm ICU-related fixes across Debian and Gentoo advisories, with CVE-2013-1569 listed alongside other ICU CVEs. Debian DSA-3187-1/DSA-3187-1:B06DD note the issue in icu across multiple releases;...

CVSS 10 | AI score 8.4 | EPSS 0.08704

CVE | added 2013/06/18 10:0 p.m. | 368 views

CVE-2013-1571

CVE-2013-1571 is a frame-injection vulnerability in Javadoc-generated HTML that can enable clickjacking. It is documented across multiple IBM advisories (InfoSphere MashupHub, Prerequisite Scanner, Streams, Guardium Data Redaction, Tivoli Monitoring, etc.) and IBM notes the Java documentation may...

CVSS 4.3 | AI score 6.3 | EPSS 0.66817

CVE | added 2013/02/02 12:0 a.m. | 367 views

CVE-2013-0425

CVE-2013-0425 is documented in IBM security flash entries for IBM Java/JRE components embedded in IBM Tivoli products (e.g., IBM Tivoli System Automation for Integrated Operations Management and IBM Smart Analytics System). The vulnerability relates to the java.util.Logger and logging infrastruct...

CVSS 10 | AI score 8.3 | EPSS 0.08087

CVE | added 2013/02/02 12:0 a.m. | 367 views

CVE-2013-0441

CVE-2013-0441 is observed in IBM-referenced advisories as one of multiple Java Runtime Environment vulnerabilities affecting IBM Tivoli products (embedded JRE). The connected IBM entries describe CVE-2013-0441 as part of a family of JRE flaws (including CORBA/serialization related issues) in IBM ...

CVSS 10 | AI score 8.3 | EPSS 0.08087

CVE | added 2013/02/02 12:0 a.m. | 367 views

CVE-2013-1475

CVE-2013-1475 is an IBM-referenced vulnerability describing an I/O/serialization cache collision in ObjectStreamClass: when two classes share the same serialPersistentFields, a type-confusion risk arises. IBM documents tie this to CORBA-related Java runtimes and note an affected IBM product stack...

CVSS 10 | AI score 8 | EPSS 0.07714

CVE | added 2013/02/02 12:0 a.m. | 365 views

CVE-2013-0443

CVE-2013-0443 is an unspecified vulnerability in the Java Runtime Environment (JRE) affecting Oracle Java SE 7 up to Update 11, Java SE 6 up to Update 38, Java SE 5.0 up to Update 38, and OpenJDK 6/7. The issue allows remote attackers to affect confidentiality and integrity via vectors related to...

CVSS 4 | AI score 6.2 | EPSS 0.04259

CVE | added 2013/06/18 10:0 p.m. | 365 views

CVE-2013-2473

CVE-2013-2473 is described as an unspecified vulnerability in the Java Runtime Environment (JRE) affecting Oracle Java SE 7u21 and earlier, 6u45 and earlier, 5.0u45 and earlier, and OpenJDK 7, with an attack vector related to the 2D component and potential Java sandbox bypass. IBM documentation l...

CVSS 10 | AI score 6.4 | EPSS 0.07437 | In wild

CVE | added 2013/06/18 10:0 p.m. | 363 views

CVE-2013-2463

CVE-2013-2463 affects the 2D component (ImagingLib) of Oracle/OpenJDK Java runtimes. Connected advisories describe memory corruption risks in ImagingLib.lookupByteBI and related 2D processing, potentially exploitable by untrusted Java applications/APIs. Affected packages include OpenJDK/OpenJDK-d...

CVSS 10 | AI score 6.6 | EPSS 0.10179 | In wild

CVE | added 2013/06/18 10:0 p.m. | 362 views

CVE-2013-2470

CVE-2013-2470 affects Oracle Java SE (7u21 and earlier, 6u45 and earlier, 5.0u45 and earlier) and OpenJDK 7. The flaw is a memory corruption/heap-buffer overflow in the 2D ImagingLib.lookupByteBI path, enabling a remote attacker to execute arbitrary code or potentially terminate the JVM. Public a...

CVSS 10 | AI score 6.4 | EPSS 0.22988 | In wild

CVE | added 2011/10/19 9:0 p.m. | 361 views

CVE-2011-3547

CVE-2011-3547 is an unspecified vulnerability in the Java Runtime Environment component of Oracle Java SE JDK/JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier. It allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidenti...

CVSS 5 | AI score 8.1 | EPSS 0.02685

CVE | added 2013/02/02 12:0 a.m. | 361 views

CVE-2013-0432

CVE-2013-0432 affects the Java Runtime Environment (JRE) component in Oracle Java SE 7 (through Update 11) and OpenJDK 6/7. The issue is described as an unspecified vulnerability related to AWT that allows remote attackers to affect confidentiality and integrity. The provided connected documents ...

CVSS 6.4 | AI score 7.9 | EPSS 0.04875

CVE | added 2013/02/02 12:0 a.m. | 361 views

CVE-2013-0434

CVE-2013-0434 is a disclosed vulnerability in the Java Runtime Environment (JRE) affecting Oracle Java SE 7 up to Update 11, OpenJDK 6/7, and related JAXP components. The issue is described as an unspecified confidentiality impact via JAXP vectors, with a note that claims relate to the loadProper...

CVSS 5 | AI score 7.8 | EPSS 0.04911

CVE | added 2013/02/02 12:0 a.m. | 359 views

CVE-2013-0442

CVE-2013-0442 affects the Java Runtime Environment (Oracle Java SE 7u11, 6u38, 5.0u38 and earlier; OpenJDK 6/7) with an unspecified vulnerability in the JRE related to AWT that could allow remote attackers to compromise confidentiality, integrity and availability. The MiracleLinux and other Nessu...

CVSS 10 | AI score 8.1 | EPSS 0.08087

CVE | added 2012/06/16 9:0 p.m. | 358 views

CVE-2012-1713

CVE-2012-1713 is described as an unspecified vulnerability in the Java Runtime Environment (JRE) component affecting Oracle Java SE 7u4 and earlier, 6u32 and earlier, 5u35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier, enabling remote attackers to affect confidentiality, integrity...

CVSS 10 | AI score 8.2 | EPSS 0.05983

CVE | added 2013/04/17 3:0 p.m. | 358 views

CVE-2013-2417

CVE-2013-2417 is listed in MiracleLinux AXSA advisories for OpenJDK/JRE components in Oracle Java SE 7u17 and earlier (and 6u43/5.0u41 and earlier) with unspecified vectors affecting availability via Networking. The MiracleLinux AXSA-2013-427/428 and related Nessus entries enumerate CVE-2013-2417...

CVSS 5 | AI score 8 | EPSS 0.04914

CVE | added 2013/06/18 10:0 p.m. | 358 views

CVE-2013-2453

CVE-2013-2453 is documented in the MiracleLinux AXSA-2013-553:03 advisory and in Oracle's JRE CPU notes as an unspecified vulnerability in the Java Runtime Environment related to JMX. The MiracleLinux block confirms the issue affects OpenJDK/OpenJRE lines and mirrors the description that the vuln...

CVSS 5 | AI score 6.4 | EPSS 0.04552

CVE | added 2012/08/30 11:0 p.m. | 357 views

CVE-2012-0547

CVE-2012-0547 is a Java SE/JRE issue affecting Oracle JRE 7u6 and earlier and 6u34 and earlier. The vulnerability is described as a security-in-depth, AWT-related issue that is not directly exploitable on its own, but can aggravate vulnerabilities that are exploitable when combined with others. A...

AI score 8.8 | EPSS 0.12471

CVE | added 2013/06/18 10:0 p.m. | 355 views

CVE-2013-1500

CVE-2013-1500 is described in multiple IBM advisories as an unspecified vulnerability in the Java Runtime Environment (JRE) 2D component that can affect confidentiality and integrity, primarily via local vectors. MiracleLinux/OpenJDK/Oracle Java references (CVE-2013-1500) indicate affected platfo...

CVSS 3.6 | AI score 5.4 | EPSS 0.00506

CVE | added 2013/04/17 3:0 p.m. | 355 views

CVE-2013-2420

CVE-2013-2420 is an integer overflow in sun.awt.image.ImageRepresentation.setPixels in Oracle Java SE 7/6 (and OpenJDK 6/7) related to image/raster dimension validation in the 2D component. A remote attacker could exploit this via a crafted image/page to achieve arbitrary code execution, affectin...

CVSS 10 | AI score 8.1 | EPSS 0.06788

CVE | added 2013/06/18 10:0 p.m. | 354 views

CVE-2013-2407

CVE-2013-2407 is an unspecified vulnerability in the Java Runtime Environment Libraries component affecting Oracle JRE 7u21 and earlier, OpenJDK 7, and related OpenJDK/JRE builds, described as allowing remote attackers to affect confidentiality and availability via unknown vectors. MiracleLinux A...

CVSS 6.4 | AI score 6.1 | EPSS 0.05166

CVE | added 2013/06/18 10:0 p.m. | 354 views

CVE-2013-2464

CVE-2013-2464 is described as an unspecified vulnerability in the Oracle Java SE JRE with potential impact to confidentiality, integrity, and availability via unknown vectors related to 2D. Connected documents provide concrete details for related CVEs (2463, 2465, 2470, 2471, 2472, 2473) indicati...

CVSS 10 | AI score 4.9 | EPSS 0.06733 | In wild

CVE | added 2013/10/16 3:0 p.m. | 354 views

CVE-2013-5780

CVE-2013-5780 is described as an unspecified vulnerability in Oracle Java/JVM libraries affecting confidentiality (partial) and is rated CVSS 4.3 (NVD). IBM advisories reiterate that the IBM SDK/JAVA components (versions 5, 6, 7) are affected and provide remediation by upgrading to newer IBM JRE/...

CVSS 4.3 | AI score 6.2 | EPSS 0.03433

CVE | added 2012/06/16 9:0 p.m. | 353 views

CVE-2012-1725

CVE-2012-1725 is described as an unspecified vulnerability in the Java Runtime Environment (JRE) related to Hotspot, affecting confidentiality, integrity, and availability. Connected advisories show this CVE being addressed in Java components across multiple distributions (including OpenJDK/OpenJ...

CVSS 10 | AI score 8.2 | EPSS 0.05572

CVE | added 2012/10/16 9:29 p.m. | 353 views

CVE-2012-3216

CVE-2012-3216 is an unspecified vulnerability in the Java Runtime Environment (JRE) component, described as affecting Libraries and allowing remote attackers to affect confidentiality via unknown vectors. Connected advisories show this CVE being addressed by vendor JRE patches in multiple product...

CVSS 2.6 | AI score 8 | EPSS 0.02878

CVE | added 2013/04/17 3:0 p.m. | 352 views

CVE-2013-2424

CVE-2013-2424 is shown in MiracleLinux advisory AXSA-2013-427/AXSA-2013-428 as an unspecified vulnerability in the Java Runtime Environment (JRE) component that affects OpenJDK/JRE within MiracleLinux OpenJDK deployments. The issue is described as enabling remote attackers to affect confidentiali...

CVSS 5 | AI score 7.8 | EPSS 0.04362

CVE | added 2013/02/02 12:0 a.m. | 351 views

CVE-2013-1480

CVE-2013-1480 is an input-related, memory-corruption risk in the Java Runtime Environment (JRE) / OpenJDK when processing AWT raster data. The vulnerability is described as an unspecified issue in JRE/AWT that can be exploited remotely to affect confidentiality, integrity, and availability via AW...

CVSS 10 | AI score 8.1 | EPSS 0.07714

CVE | added 2013/06/18 10:0 p.m. | 351 views

CVE-2013-2443

CVE-2013-2443 is documented across connected IBM security bulletins as a Java JRE vulnerability (Libraries component) with confidentiality/integrity impact and unknown attack vectors. IBM remediation guidance centers on applying the provided fixes in the affected IBM products (e.g., WebSphere/ODM...

CVSS 5 | AI score 6.1 | EPSS 0.04586

CVE | added 2012/06/16 9:0 p.m. | 350 views

CVE-2012-1718

CVE-2012-1718 is an unspecified vulnerability in the Java Runtime Environment (JRE) affecting Oracle Java SE up to certain older builds (7u4 and earlier, 6u32 and earlier, 5u35 and earlier, and 1.4.2_37 and earlier) that could allow remote attackers to affect availability via unknown vectors rela...

CVSS 5 | AI score 8.2 | EPSS 0.04262

CVE | added 2013/02/02 12:0 a.m. | 348 views

CVE-2013-0428

CVE-2013-0428 is reported for IBM’s embedded JRE in IBM TADDM (Tivoli Application Dependency Discovery Manager) 7.2.x. The connected IBM bulletin describes the flaw as: in the java.lang.reflect package, package access permission checks may fail under certain conditions, enabling reflective proxie...

CVSS 10 | AI score 8.2 | EPSS 0.07634

CVE | added 2013/06/18 10:0 p.m. | 348 views

CVE-2013-2412

CVE-2013-2412 is an unspecified vulnerability in the Java Runtime Environment (JRE) Serviceability area that Oracle/OpenJDK-related CPUs list as allowing remote/confidentiality impact via unknown vectors. In connected documents, MiracleLinux AXSA-2013-553:03 documents CVE-2013-2412 as one of mult...

CVSS 5 | AI score 6 | EPSS 0.04783

CVE | added 2013/04/17 3:0 p.m. | 348 views

CVE-2013-2430

CVE-2013-2430 is a Java Runtime Environment (JRE) vulnerability affecting confidentiality, integrity, and availability via unknown vectors related to ImageIO in Oracle Java SE 7u17 and earlier, 6u43 and earlier, 5.0u41 and earlier, JavaFX 2.2.7 and earlier, and OpenJDK 6/7. Connected advisories c...

CVSS 7.6 | AI score 8 | EPSS 0.05616

CVE | added 2013/06/18 10:0 p.m. | 347 views

CVE-2013-2459

The provided connected documents confirm concrete details for CVE-2013-2459 and related Java JRE/OpenJDK vulnerabilities in IBM/MiracleLinux advisories (June 2013 CPU era). MiracleLinux AXSA entries list numerous CVEs (e.g., CVE-2013-1500, CVE-2013-1571, CVE-2013-2444 to CVE-2013-2473, including ...

CVSS 10 | AI score 6.6 | EPSS 0.07437

CVE | added 2013/06/18 10:0 p.m. | 347 views

CVE-2013-2471

CVE-2013-2471 is a remote-code-execution type vulnerability in the Java 2D/awt stack affecting Oracle JRE/JDK and OpenJDK (across 6 and 7 lines) identified by multiple advisories. The issue is described as memory corruption in the 2D component related to IntegerComponentRaster size checks, with p...

CVSS 10 | AI score 6.6 | EPSS 0.14749 | In wild

CVE | added 2013/06/18 10:0 p.m. | 345 views

CVE-2013-2444

CVE-2013-2444 is listed in MiracleLinux AXSA advisories as an unspecified vulnerability in the Java Runtime Environment, with the description noting an issue in the JRE related to resources handling in AWT that could affect availability (potential font processing/temporary files). The MiracleLinu...

CVSS 5 | AI score 6.4 | EPSS 0.04874

CVE | added 2013/06/18 10:0 p.m. | 345 views

CVE-2013-2447

CVE-2013-2447 is listed in MiracleLinux advisories as an unspecified vulnerability in the Java Runtime Environment (JRE) component affecting OpenJDK/OpenJDK builds. The affected products are MiracleLinux 3 (java-1.6.0-openjdk) and MiracleLinux 4 (java-1.7.0-openjdk). The description notes remote ...

CVSS 5 | AI score 6 | EPSS 0.04326

CVE | added 2013/06/18 10:0 p.m. | 345 views

CVE-2013-2469

CVE-2013-2469 is a Java Runtime Environment (JRE) vulnerability reported across IBM advisories related to IBM Java SDK shipped with Tivoli/TPC, WebSphere Real Time, and ITM components. The issue affects JREs included in Oracle Java SE 7u21 and earlier, 6u45 and earlier, 5.0u45 and earlier, and Op...

CVSS 10 | AI score 6.4 | EPSS 0.07133 | In wild

CVE | added 2013/06/18 10:0 p.m. | 345 views

CVE-2013-2472

CVE-2013-2472 is an unspecified vulnerability in the JRE component of Oracle Java SE up to 7u21, 6u45, 5.0u45 and OpenJDK 7, with unknown vectors related to 2D. It is described as potentially bypassing the Java sandbox, impacting confidentiality, integrity, and availability. No public remediation...

CVSS 10 | AI score 6.4 | EPSS 0.22988 | In wild

CVE | added 2013/04/17 3:0 p.m. | 344 views

CVE-2013-1557

CVE-2013-1557 is described in multiple advisories as an unspecified vulnerability in the Java Runtime Environment (JRE) related to RMI, potentially allowing a remote attacker to affect confidentiality, integrity, and availability. Connected sources (including MiracleLinux AXSA advisories and IBM ...

CVSS 10 | AI score 8 | EPSS 0.06788

Total number of security vulnerabilities: 392