Filtered by vendor Oracle
Subscribe
Total
9252 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-0449 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | |||||
CVE-2016-3598 | 1 Oracle | 3 Jdk, Jre, Linux | 2022-05-13 | 9.3 HIGH | 9.6 CRITICAL |
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610. | |||||
CVE-2016-5556 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 9.3 HIGH | 9.6 CRITICAL |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. | |||||
CVE-2018-2796 | 6 Canonical, Debian, Hp and 3 more | 14 Ubuntu Linux, Debian Linux, Xp7 Command View and 11 more | 2022-05-13 | 5.0 MEDIUM | 5.3 MEDIUM |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | |||||
CVE-2018-2678 | 6 Canonical, Debian, Hp and 3 more | 16 Ubuntu Linux, Debian Linux, Xp7 Command View and 13 more | 2022-05-13 | 4.3 MEDIUM | 4.3 MEDIUM |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). | |||||
CVE-2014-0458 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2022-05-13 | 7.5 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423. | |||||
CVE-2018-2629 | 6 Canonical, Debian, Hp and 3 more | 16 Ubuntu Linux, Debian Linux, Xp7 Command View and 13 more | 2022-05-13 | 2.6 LOW | 5.3 MEDIUM |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N). | |||||
CVE-2018-2795 | 6 Canonical, Debian, Hp and 3 more | 14 Ubuntu Linux, Debian Linux, Xp7 Command View and 11 more | 2022-05-13 | 5.0 MEDIUM | 5.3 MEDIUM |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | |||||
CVE-2016-5597 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 4.3 MEDIUM | 5.9 MEDIUM |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking. | |||||
CVE-2014-4216 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 9.3 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | |||||
CVE-2013-5904 | 3 Hp, Oracle, Redhat | 10 Hp-ux, Jdk, Jre and 7 more | 2022-05-13 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | |||||
CVE-2013-5805 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 9.3 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5806. | |||||
CVE-2013-5905 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 5.1 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5906. | |||||
CVE-2013-5906 | 3 Hp, Oracle, Redhat | 11 Hp-ux, Jdk, Jre and 8 more | 2022-05-13 | 5.1 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5905. | |||||
CVE-2013-5895 | 3 Hp, Oracle, Redhat | 11 Hp-ux, Jdk, Jre and 8 more | 2022-05-13 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX. | |||||
CVE-2013-5893 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 9.3 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox. | |||||
CVE-2013-5851 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP. | |||||
CVE-2013-5888 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 4.6 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when running with GNOME, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | |||||
CVE-2013-5887 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect availability via unknown vectors related to Deployment. | |||||
CVE-2013-5899 | 1 Oracle | 2 Jdk, Jre | 2022-05-13 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. |