Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SunJre1.5.0

258 matches found

CVE
CVEadded 2010/04/01 4:30 p.m.68 views

CVE-2010-0085

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-...

5.1CVSS7AI score0.03647EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.68 views

CVE-2010-3554

Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS7.1AI score0.06885EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.67 views

CVE-2008-5346

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file.

7.1CVSS7.2AI score0.03998EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.67 views

CVE-2010-0841

Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU...

7.5CVSS7.5AI score0.10009EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.67 views

CVE-2010-3567

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has ...

10CVSS7.1AI score0.08856EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.66 views

CVE-2010-0091

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084.

4.3CVSS6.9AI score0.01941EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.66 views

CVE-2010-3553

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS7.2AI score0.10973EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.66 views

CVE-2010-3566

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has ...

10CVSS7.4AI score0.07205EPSS
CVE
CVEadded 2011/06/14 6:55 p.m.66 views

CVE-2011-0815

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availabil...

10CVSS8.1AI score0.07572EPSS
CVE
CVEadded 2011/02/17 7:0 p.m.65 views

CVE-2010-4447

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown v...

4.3CVSS5.5AI score0.02758EPSS
CVE
CVEadded 2006/10/10 4:6 a.m.64 views

CVE-2006-5201

Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponen...

4CVSS7.4AI score0.03819EPSS
CVE
CVEadded 2006/12/26 11:28 p.m.64 views

CVE-2006-6737

Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in o...

4.3CVSS6AI score0.0136EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.64 views

CVE-2008-5345

Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier allows code that is loaded from a local filesystem to read arbitrary files and make...

7.5CVSS7.2AI score0.0488EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.64 views

CVE-2010-0092

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

5.1CVSS6.8AI score0.06156EPSS
CVE
CVEadded 2011/02/17 7:0 p.m.64 views

CVE-2010-4473

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound an...

10CVSS5.8AI score0.07413EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.62 views

CVE-2010-0087

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.8AI score0.02519EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.62 views

CVE-2010-0845

Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

5.1CVSS6.8AI score0.04133EPSS
CVE
CVEadded 2011/02/17 7:0 p.m.62 views

CVE-2010-4475

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown v...

4.3CVSS5.5AI score0.02758EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.60 views

CVE-2010-0089

Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors.

5CVSS6.8AI score0.02925EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.59 views

CVE-2010-0844

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March ...

7.5CVSS6.9AI score0.06412EPSS
CVE
CVEadded 2008/03/06 9:44 p.m.58 views

CVE-2008-1185

Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186...

9.3CVSS8.7AI score0.20211EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.58 views

CVE-2010-0849

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...

7.5CVSS7.3AI score0.0567EPSS
CVE
CVEadded 2008/03/06 9:44 p.m.57 views

CVE-2008-1188

Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different is...

9.3CVSS8.9AI score0.34701EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.57 views

CVE-2010-0839

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.8AI score0.03618EPSS
CVE
CVEadded 2007/01/17 10:28 p.m.56 views

CVE-2007-0243

Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption.

6.8CVSS6.5AI score0.41168EPSS
CVE
CVEadded 2007/10/06 12:17 a.m.56 views

CVE-2007-5238

Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information (the Java Web S...

2.6CVSS5.8AI score0.00983EPSS
CVE
CVEadded 2006/05/26 1:0 a.m.55 views

CVE-2003-1301

Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in multiple web browsers, allows remote attackers to cause a denial of service (application crash) via deeply nested object arrays, which are not properly handled by the garbage collector and trigger inval...

5CVSS7AI score0.01171EPSS
CVE
CVEadded 2006/12/26 11:28 p.m.55 views

CVE-2006-6736

Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in o...

4.3CVSS6AI score0.0136EPSS
CVE
CVEadded 2007/10/06 12:17 a.m.55 views

CVE-2007-5240

Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner...

5CVSS6.1AI score0.03542EPSS
CVE
CVEadded 2007/10/08 11:17 p.m.55 views

CVE-2007-5273

Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound ...

2.6CVSS6.1AI score0.13479EPSS
CVE
CVEadded 2005/03/14 5:0 a.m.54 views

CVE-2005-0471

Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that re...

5CVSS7.4AI score0.01395EPSS
CVE
CVEadded 2007/10/08 11:17 p.m.54 views

CVE-2007-5274

Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound conne...

2.6CVSS6.1AI score0.13479EPSS
CVE
CVEadded 2008/03/06 9:44 p.m.54 views

CVE-2008-1193

Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.

9.3CVSS8.7AI score0.37381EPSS
CVE
CVEadded 2011/06/14 6:55 p.m.54 views

CVE-2011-0866

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality...

7.6CVSS5.5AI score0.02739EPSS
CVE
CVEadded 2007/10/05 11:17 p.m.53 views

CVE-2007-5232

Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound con...

4CVSS6.2AI score0.13479EPSS
CVE
CVEadded 2008/03/06 9:44 p.m.53 views

CVE-2008-1190

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue.

9.3CVSS8.7AI score0.19369EPSS
CVE
CVEadded 2008/03/06 9:44 p.m.52 views

CVE-2008-1195

Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java A...

9.3CVSS8.4AI score0.19387EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.52 views

CVE-2010-0843

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March ...

7.5CVSS7.3AI score0.10009EPSS
CVE
CVEadded 2005/02/19 5:0 a.m.51 views

CVE-2004-1503

Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and bec...

5CVSS7.3AI score0.00928EPSS
CVE
CVEadded 2006/12/26 11:28 p.m.51 views

CVE-2006-6745

Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privil...

9.3CVSS6.6AI score0.19218EPSS
CVE
CVEadded 2007/05/22 12:30 a.m.51 views

CVE-2007-2788

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and ear...

6.8CVSS7.7AI score0.53676EPSS
CVE
CVEadded 2007/10/06 12:17 a.m.51 views

CVE-2007-5236

Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read local files via an untrusted application.

5.4CVSS6.1AI score0.00866EPSS
CVE
CVEadded 2008/03/06 9:44 p.m.50 views

CVE-2008-1186

Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue...

9.3CVSS8.7AI score0.20211EPSS
CVE
CVEadded 2006/12/26 11:28 p.m.49 views

CVE-2006-6731

Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attackers to develop Java applets that read, write, or e...

9.3CVSS6.8AI score0.05848EPSS
CVE
CVEadded 2008/03/06 9:44 p.m.49 views

CVE-2008-1196

Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.

6.8CVSS8.9AI score0.34287EPSS
CVE
CVEadded 2007/10/29 7:46 p.m.48 views

CVE-2007-5689

The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via ...

10CVSS7AI score0.08735EPSS
CVE
CVEadded 2008/03/06 9:44 p.m.47 views

CVE-2008-1189

Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue.

6.8CVSS9AI score0.34701EPSS
CVE
CVEadded 2008/03/06 9:44 p.m.45 views

CVE-2008-1192

Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors.

6.8CVSS8.4AI score0.14809EPSS
CVE
CVEadded 2008/03/06 9:44 p.m.45 views

CVE-2008-1194

Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.

4.3CVSS8.5AI score0.30335EPSS
CVE
CVEadded 2006/02/09 2:2 a.m.43 views

CVE-2006-0615

Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.2_09 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues."

4CVSS6.9AI score0.07229EPSS
Total number of security vulnerabilities258