Filtered by vendor Canonical
Subscribe
Total
4021 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-2423 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2022-05-13 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458. | |||||
| CVE-2014-2412 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2022-05-13 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-0451. | |||||
| CVE-2014-2413 | 2 Canonical, Oracle | 3 Ubuntu Linux, Jdk, Jre | 2022-05-13 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Libraries. | |||||
| CVE-2013-4002 | 9 Apache, Canonical, Hp and 6 more | 21 Xerces2 Java, Ubuntu Linux, Hp-ux and 18 more | 2022-05-13 | 7.1 HIGH | N/A |
| XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names. | |||||
| CVE-2015-0412 | 6 Canonical, Debian, Novell and 3 more | 8 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 5 more | 2022-05-13 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS. | |||||
| CVE-2018-2579 | 6 Canonical, Debian, Hp and 3 more | 16 Ubuntu Linux, Debian Linux, Xp7 Command View and 13 more | 2022-05-13 | 4.3 MEDIUM | 3.7 LOW |
| Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2018-2663 | 6 Canonical, Debian, Hp and 3 more | 16 Ubuntu Linux, Debian Linux, Xp7 Command View and 13 more | 2022-05-13 | 4.3 MEDIUM | 4.3 MEDIUM |
| Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). | |||||
| CVE-2016-0483 | 2 Canonical, Oracle | 4 Ubuntu Linux, Jdk, Jre and 1 more | 2022-05-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data. | |||||
| CVE-2016-0466 | 2 Canonical, Oracle | 3 Ubuntu Linux, Jdk, Jre | 2022-05-13 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP. | |||||
| CVE-2014-2398 | 5 Canonical, Debian, Ibm and 2 more | 8 Ubuntu Linux, Debian Linux, Forms Viewer and 5 more | 2022-05-13 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc. | |||||
| CVE-2015-0410 | 6 Canonical, Debian, Novell and 3 more | 9 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 6 more | 2022-05-13 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security. | |||||
| CVE-2014-2397 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2022-05-13 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | |||||
| CVE-2014-0446 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2022-05-13 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | |||||
| CVE-2014-0455 | 4 Canonical, Ibm, Microsoft and 1 more | 5 Ubuntu Linux, Forms Viewer, Windows and 2 more | 2022-05-13 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-2402. | |||||
| CVE-2014-0459 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2022-05-13 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unknown vectors related to 2D. | |||||
| CVE-2014-0458 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2022-05-13 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423. | |||||
| CVE-2014-2414 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2022-05-13 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB. | |||||
| CVE-2016-0448 | 2 Canonical, Oracle | 3 Ubuntu Linux, Jdk, Jre | 2022-05-13 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX. | |||||
| CVE-2018-2602 | 6 Canonical, Debian, Hp and 3 more | 15 Ubuntu Linux, Debian Linux, Xp7 Command View and 12 more | 2022-05-13 | 3.7 LOW | 4.5 MEDIUM |
| Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded executes to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L). | |||||
| CVE-2009-2625 | 7 Apache, Canonical, Debian and 4 more | 9 Xerces2 Java, Ubuntu Linux, Debian Linux and 6 more | 2022-05-13 | 5.0 MEDIUM | N/A |
| XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework. | |||||