Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SunSdk1.4.2 02

71 matches found

CVE
CVEadded 2011/02/17 7:0 p.m.146 views

CVE-2010-4476

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a ...

5CVSS8.4AI score0.44456EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.104 views

CVE-2010-0848

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.8AI score0.03647EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.103 views

CVE-2009-3869

Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote at...

9.3CVSS7.8AI score0.78483EPSS
CVE
CVEadded 2009/03/25 11:30 p.m.101 views

CVE-2009-1098

Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998.

9.3CVSS7.8AI score0.14591EPSS
CVE
CVEadded 2011/02/17 7:0 p.m.100 views

CVE-2010-4448

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors rel...

2.6CVSS8.3AI score0.03243EPSS
CVE
CVEadded 2008/07/09 11:41 p.m.98 views

CVE-2008-3112

Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.

10CVSS8.6AI score0.0838EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.96 views

CVE-2009-3876

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not...

5CVSS6.2AI score0.10466EPSS
CVE
CVEadded 2009/03/25 11:30 p.m.94 views

CVE-2009-1094

Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown ve...

10CVSS7.6AI score0.06268EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.93 views

CVE-2008-5360

Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unkn...

6.4CVSS7.5AI score0.02786EPSS
CVE
CVEadded 2011/02/17 7:0 p.m.93 views

CVE-2010-4465

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, a...

10CVSS8.3AI score0.09659EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.92 views

CVE-2010-3571

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2...

10CVSS7.5AI score0.14119EPSS
CVE
CVEadded 2009/03/25 11:30 p.m.90 views

CVE-2009-1093

LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to ca...

5CVSS7.1AI score0.09448EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.90 views

CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not pr...

5CVSS6.2AI score0.08574EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.89 views

CVE-2009-3873

The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968.

9.3CVSS6.5AI score0.11365EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.88 views

CVE-2010-3556

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10CVSS6.8AI score0.1145EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.87 views

CVE-2009-3868

Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970.

9.3CVSS6.3AI score0.14549EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.87 views

CVE-2009-3875

The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possi...

5CVSS6.3AI score0.02476EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.86 views

CVE-2010-3562

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2...

10CVSS7.9AI score0.15526EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.85 views

CVE-2010-0084

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091.

5CVSS6.9AI score0.01941EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.84 views

CVE-2009-3874

Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file ...

9.3CVSS7.8AI score0.06624EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.84 views

CVE-2010-0095

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0093.

6.8CVSS7AI score0.03647EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.82 views

CVE-2009-3871

Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote ...

9.3CVSS7.9AI score0.09429EPSS
CVE
CVEadded 2011/02/17 7:0 p.m.82 views

CVE-2010-4469

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, a...

10CVSS8.5AI score0.04197EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.81 views

CVE-2010-3574

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the O...

10CVSS7.3AI score0.08474EPSS
CVE
CVEadded 2008/07/09 11:41 p.m.80 views

CVE-2008-3104

Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound conne...

6.8CVSS8.9AI score0.26301EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.80 views

CVE-2009-3867

Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in a...

9.3CVSS7.7AI score0.88105EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.80 views

CVE-2010-3549

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the O...

6.8CVSS7.2AI score0.05715EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.79 views

CVE-2010-3569

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from t...

10CVSS7.8AI score0.16086EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.78 views

CVE-2010-3568

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from t...

10CVSS7.2AI score0.09131EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.77 views

CVE-2008-5357

Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, whic...

9.3CVSS8AI score0.05763EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.77 views

CVE-2010-3559

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS7.5AI score0.1366EPSS
CVE
CVEadded 2008/07/09 11:41 p.m.76 views

CVE-2008-3108

Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.

10CVSS8.8AI score0.10642EPSS
CVE
CVEadded 2008/07/09 11:41 p.m.76 views

CVE-2008-3111

Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privi...

10CVSS8.9AI score0.13359EPSS
CVE
CVEadded 2011/02/17 7:0 p.m.76 views

CVE-2010-4450

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confi...

3.7CVSS8AI score0.00171EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.75 views

CVE-2010-0842

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March ...

7.5CVSS7.4AI score0.91327EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.75 views

CVE-2010-3541

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the O...

5.1CVSS7.3AI score0.01328EPSS
CVE
CVEadded 2008/07/09 11:41 p.m.74 views

CVE-2008-3107

Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as d...

10CVSS8.6AI score0.14533EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.74 views

CVE-2010-0093

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0095.

5.1CVSS7AI score0.03647EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.74 views

CVE-2010-0847

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...

7.5CVSS7.5AI score0.05186EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.73 views

CVE-2008-5359

Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in t...

9.3CVSS8AI score0.24847EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.73 views

CVE-2009-3872

Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969.

9.3CVSS6.2AI score0.13016EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.72 views

CVE-2010-3557

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

6.8CVSS7.2AI score0.05715EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.72 views

CVE-2010-3565

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. O...

10CVSS7.6AI score0.09036EPSS
CVE
CVEadded 2008/07/09 11:41 p.m.71 views

CVE-2008-3113

Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.

10CVSS8.6AI score0.22991EPSS
CVE
CVEadded 2008/07/09 11:41 p.m.71 views

CVE-2008-3114

Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.

5CVSS8.3AI score0.03332EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.71 views

CVE-2010-0082

Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

5.1CVSS6.8AI score0.03647EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.71 views

CVE-2010-3572

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10CVSS6.8AI score0.1145EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.70 views

CVE-2010-3548

Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October ...

5CVSS7.1AI score0.03288EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.70 views

CVE-2010-3551

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors.

5CVSS7.1AI score0.03288EPSS
CVE
CVEadded 2011/02/17 7:0 p.m.70 views

CVE-2010-4462

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound an...

10CVSS5.8AI score0.07413EPSS
Total number of security vulnerabilities71