Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
SunSdk1.4.2 9

89 matches found

CVE
CVEadded 2011/02/17 7:0 p.m.146 views

CVE-2010-4476

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a ...

5CVSS8.4AI score0.44456EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.104 views

CVE-2010-0848

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.8AI score0.03647EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.103 views

CVE-2009-3869

Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote at...

9.3CVSS7.8AI score0.78483EPSS
CVE
CVEadded 2009/08/05 7:30 p.m.102 views

CVE-2009-2676

Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vector...

6.8CVSS7.2AI score0.13091EPSS
CVE
CVEadded 2011/02/17 7:0 p.m.100 views

CVE-2010-4448

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors rel...

2.6CVSS8.3AI score0.03243EPSS
CVE
CVEadded 2008/12/05 2:30 a.m.99 views

CVE-2008-2086

Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home Syst...

9.3CVSS7.8AI score0.23751EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.96 views

CVE-2009-3876

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not...

5CVSS6.2AI score0.10466EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.95 views

CVE-2008-5353

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applic...

10CVSS7.5AI score0.89187EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.93 views

CVE-2008-5360

Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unkn...

6.4CVSS7.5AI score0.02786EPSS
CVE
CVEadded 2011/02/17 7:0 p.m.93 views

CVE-2010-4465

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, a...

10CVSS8.3AI score0.09659EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.92 views

CVE-2010-3571

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2...

10CVSS7.5AI score0.14119EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.90 views

CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not pr...

5CVSS6.2AI score0.08574EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.89 views

CVE-2009-3873

The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968.

9.3CVSS6.5AI score0.11365EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.88 views

CVE-2010-3556

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10CVSS6.8AI score0.1145EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.87 views

CVE-2009-3868

Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970.

9.3CVSS6.3AI score0.14549EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.87 views

CVE-2009-3875

The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possi...

5CVSS6.3AI score0.02476EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.86 views

CVE-2010-3562

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2...

10CVSS7.9AI score0.15526EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.85 views

CVE-2010-0084

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091.

5CVSS6.9AI score0.01941EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.84 views

CVE-2008-5354

Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file wit...

9.3CVSS8.1AI score0.21216EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.84 views

CVE-2009-3874

Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file ...

9.3CVSS7.8AI score0.06624EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.84 views

CVE-2010-0095

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0093.

6.8CVSS7AI score0.03647EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.82 views

CVE-2009-3871

Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote ...

9.3CVSS7.9AI score0.09429EPSS
CVE
CVEadded 2011/02/17 7:0 p.m.82 views

CVE-2010-4469

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, a...

10CVSS8.5AI score0.04197EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.81 views

CVE-2010-3574

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the O...

10CVSS7.3AI score0.08474EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.80 views

CVE-2009-3867

Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in a...

9.3CVSS7.7AI score0.89161EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.80 views

CVE-2010-3549

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the O...

6.8CVSS7.2AI score0.05715EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.79 views

CVE-2010-3569

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from t...

10CVSS7.8AI score0.16086EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.78 views

CVE-2010-3568

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from t...

10CVSS7.2AI score0.09131EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.77 views

CVE-2008-5341

Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071.

5CVSS7.3AI score0.01131EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.77 views

CVE-2008-5357

Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, whic...

9.3CVSS8AI score0.05763EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.77 views

CVE-2010-3559

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS7.5AI score0.1366EPSS
CVE
CVEadded 2008/07/09 11:41 p.m.76 views

CVE-2008-3108

Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.

10CVSS8.8AI score0.10642EPSS
CVE
CVEadded 2011/02/17 7:0 p.m.76 views

CVE-2010-4450

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confi...

3.7CVSS8AI score0.00171EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.75 views

CVE-2010-0842

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March ...

7.5CVSS7.4AI score0.91327EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.75 views

CVE-2010-3541

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the O...

5.1CVSS7.3AI score0.01328EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.74 views

CVE-2008-5339

Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, ak...

5CVSS7.4AI score0.01328EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.74 views

CVE-2008-5348

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service (OS resource consumption) vi...

7.1CVSS7.3AI score0.07346EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.74 views

CVE-2010-0093

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0095.

5.1CVSS7AI score0.03647EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.74 views

CVE-2010-0847

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...

7.5CVSS7.5AI score0.05186EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.73 views

CVE-2008-5359

Buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in t...

9.3CVSS8AI score0.24847EPSS
CVE
CVEadded 2009/11/05 4:30 p.m.73 views

CVE-2009-3872

Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969.

9.3CVSS6.2AI score0.13016EPSS
CVE
CVEadded 2007/05/22 12:30 a.m.72 views

CVE-2007-2789

The BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier, when running on Unix/Linux syst...

4.3CVSS6.2AI score0.05299EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.72 views

CVE-2008-5342

Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the brow...

5CVSS7.3AI score0.01131EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.72 views

CVE-2008-5350

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applications and applets to list the contents of the operating user's directory via unknown vectors.

5CVSS7.4AI score0.01668EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.72 views

CVE-2008-5355

The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not verify the signature of the JRE that is downloaded, which allows remote attackers to execute arbitrary code ...

10CVSS7.9AI score0.1169EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.72 views

CVE-2010-3557

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

6.8CVSS7.2AI score0.05715EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.72 views

CVE-2010-3565

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. O...

10CVSS7.6AI score0.09036EPSS
CVE
CVEadded 2010/04/01 4:30 p.m.71 views

CVE-2010-0082

Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

5.1CVSS6.8AI score0.03647EPSS
CVE
CVEadded 2010/10/19 10:0 p.m.71 views

CVE-2010-3572

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10CVSS6.8AI score0.1145EPSS
CVE
CVEadded 2008/12/05 11:30 a.m.70 views

CVE-2008-5351

Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier accepts UTF-8 encodings that are not the "shortest" form, which makes it easier for attackers to bypass protection mechanisms for other application...

7.5CVSS7.6AI score0.03276EPSS
Total number of security vulnerabilities89