Total
712 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-2989 | 3 Netapp, Oracle, Redhat | 12 E-series Santricity Os Controller, E-series Santricity Storage Manager, E-series Santricity Unified Manager and 9 more | 2022-05-13 | 4.3 MEDIUM | 6.8 MEDIUM |
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS v3.0 Base Score 6.8 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N). | |||||
CVE-2016-3422 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 5.0 MEDIUM | 4.3 MEDIUM |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D. | |||||
CVE-2020-14781 | 4 Debian, Netapp, Opensuse and 1 more | 16 Debian Linux, 7-mode Transition Tool, Active Iq Unified Manager and 13 more | 2022-05-13 | 4.3 MEDIUM | 3.7 LOW |
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
CVE-2015-0491 | 3 Opensuse, Oracle, Suse | 5 Opensuse, Javafx, Jdk and 2 more | 2022-05-13 | 10.0 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459. | |||||
CVE-2015-0486 | 2 Opensuse, Oracle | 3 Opensuse, Jdk, Jre | 2022-05-13 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | |||||
CVE-2015-0480 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 5.8 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via unknown vectors related to Tools. | |||||
CVE-2016-3550 | 1 Oracle | 3 Jdk, Jre, Linux | 2022-05-13 | 4.3 MEDIUM | 4.3 MEDIUM |
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot. | |||||
CVE-2015-0477 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans. | |||||
CVE-2015-0458 | 3 Novell, Opensuse, Oracle | 4 Suse Linux Enterprise Desktop, Opensuse, Jdk and 1 more | 2022-05-13 | 7.6 HIGH | N/A |
Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | |||||
CVE-2014-0460 | 4 Canonical, Debian, Juniper and 1 more | 6 Ubuntu Linux, Debian Linux, Junos Space and 3 more | 2022-05-13 | 5.8 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI. | |||||
CVE-2015-0460 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 9.3 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | |||||
CVE-2015-0403 | 2 Novell, Oracle | 3 Suse Linux Enterprise Desktop, Jdk, Jre | 2022-05-13 | 6.9 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | |||||
CVE-2014-0453 | 6 Canonical, Debian, Ibm and 3 more | 8 Ubuntu Linux, Debian Linux, Forms Viewer and 5 more | 2022-05-13 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security. | |||||
CVE-2015-0406 | 2 Novell, Oracle | 3 Suse Linux Enterprise Desktop, Jdk, Jre | 2022-05-13 | 5.8 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment. | |||||
CVE-2015-0407 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2022-05-13 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing. | |||||
CVE-2015-0408 | 6 Canonical, Debian, Novell and 3 more | 8 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 5 more | 2022-05-13 | 10.0 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. | |||||
CVE-2015-0395 | 6 Canonical, Debian, Novell and 3 more | 7 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Server and 4 more | 2022-05-13 | 9.3 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | |||||
CVE-2018-2811 | 3 Oracle, Redhat, Schneider-electric | 5 Jdk, Jre, Enterprise Linux Server and 2 more | 2022-05-13 | 3.7 LOW | 7.7 HIGH |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Install). Supported versions that are affected are Java SE: 8u162 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: Applies to installation process on client deployment of Java. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). | |||||
CVE-2014-6585 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 2.6 LOW | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591. | |||||
CVE-2016-0686 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 10.0 HIGH | 9.6 CRITICAL |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization. |