Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2013-2470

Summary
Assigner-oracle
Assigner Org ID-43595867-4340-4103-b7a2-9a5208d29a85
Published At-18 Jun, 2013 | 22:00
Updated At-06 Aug, 2024 | 15:36
Rejected At-
Credits

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing."

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:oracle
Assigner Org ID:43595867-4340-4103-b7a2-9a5208d29a85
Published At:18 Jun, 2013 | 22:00
Updated At:06 Aug, 2024 | 15:36
Rejected At:
▼CVE Numbering Authority (CNA)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing."

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19348
vdb-entry
signature
x_refsource_OVAL
http://rhn.redhat.com/errata/RHSA-2013-1060.html
vendor-advisory
x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=137545592101387&w=2
vendor-advisory
x_refsource_HP
https://access.redhat.com/errata/RHSA-2014:0414
vendor-advisory
x_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-201406-32.xml
vendor-advisory
x_refsource_GENTOO
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html
vendor-advisory
x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
vendor-advisory
x_refsource_SUSE
http://marc.info/?l=bugtraq&m=137545505800971&w=2
vendor-advisory
x_refsource_HP
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/54154
third-party-advisory
x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2013-1455.html
vendor-advisory
x_refsource_REDHAT
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
vendor-advisory
x_refsource_HP
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
vendor-advisory
x_refsource_HP
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19655
vdb-entry
signature
x_refsource_OVAL
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
vendor-advisory
x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2013-1059.html
vendor-advisory
x_refsource_REDHAT
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/89d9ec9e80c1
x_refsource_MISC
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19517
vdb-entry
signature
x_refsource_OVAL
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
vendor-advisory
x_refsource_SUSE
http://www.securityfocus.com/bid/60651
vdb-entry
x_refsource_BID
http://rhn.redhat.com/errata/RHSA-2013-1081.html
vendor-advisory
x_refsource_REDHAT
http://www.us-cert.gov/ncas/alerts/TA13-169A
third-party-advisory
x_refsource_CERT
http://advisories.mageia.org/MGASA-2013-0185.html
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=975099
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2013-0963.html
vendor-advisory
x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
vendor-advisory
x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2013-1456.html
vendor-advisory
x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDVSA-2013:183
vendor-advisory
x_refsource_MANDRIVA
http://www-01.ibm.com/support/docview.wss?uid=swg21642336
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
vendor-advisory
x_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16806
vdb-entry
signature
x_refsource_OVAL
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19348
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1060.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://marc.info/?l=bugtraq&m=137545592101387&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: https://access.redhat.com/errata/RHSA-2014:0414
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://security.gentoo.org/glsa/glsa-201406-32.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://marc.info/?l=bugtraq&m=137545505800971&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/54154
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1455.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19655
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1059.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/89d9ec9e80c1
Resource:
x_refsource_MISC
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19517
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/bid/60651
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1081.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.us-cert.gov/ncas/alerts/TA13-169A
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://advisories.mageia.org/MGASA-2013-0185.html
Resource:
x_refsource_CONFIRM
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=975099
Resource:
x_refsource_CONFIRM
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0963.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1456.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:183
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21642336
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16806
Resource:
vdb-entry
signature
x_refsource_OVAL
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19348
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://rhn.redhat.com/errata/RHSA-2013-1060.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://marc.info/?l=bugtraq&m=137545592101387&w=2
vendor-advisory
x_refsource_HP
x_transferred
https://access.redhat.com/errata/RHSA-2014:0414
vendor-advisory
x_refsource_REDHAT
x_transferred
http://security.gentoo.org/glsa/glsa-201406-32.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://marc.info/?l=bugtraq&m=137545505800971&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/54154
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://rhn.redhat.com/errata/RHSA-2013-1455.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
vendor-advisory
x_refsource_HP
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
vendor-advisory
x_refsource_HP
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19655
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://rhn.redhat.com/errata/RHSA-2013-1059.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/89d9ec9e80c1
x_refsource_MISC
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19517
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securityfocus.com/bid/60651
vdb-entry
x_refsource_BID
x_transferred
http://rhn.redhat.com/errata/RHSA-2013-1081.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.us-cert.gov/ncas/alerts/TA13-169A
third-party-advisory
x_refsource_CERT
x_transferred
http://advisories.mageia.org/MGASA-2013-0185.html
x_refsource_CONFIRM
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=975099
x_refsource_CONFIRM
x_transferred
http://rhn.redhat.com/errata/RHSA-2013-0963.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://rhn.redhat.com/errata/RHSA-2013-1456.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2013:183
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21642336
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16806
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19348
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1060.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=137545592101387&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2014:0414
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-201406-32.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=137545505800971&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/54154
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1455.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19655
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1059.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/89d9ec9e80c1
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19517
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/60651
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1081.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.us-cert.gov/ncas/alerts/TA13-169A
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://advisories.mageia.org/MGASA-2013-0185.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=975099
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0963.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1456.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:183
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21642336
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16806
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert_us@oracle.com
Published At:18 Jun, 2013 | 22:55
Updated At:11 Apr, 2025 | 00:51

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Oracle Corporation
oracle
>>jre>>Versions up to 1.7.0(inclusive)
cpe:2.3:a:oracle:jre:*:update21:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>Versions up to 1.7.0(inclusive)
cpe:2.3:a:oracle:jdk:*:update21:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>Versions up to 1.6.0(inclusive)
cpe:2.3:a:oracle:jre:*:update45:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Per: http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html 'Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.'
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://advisories.mageia.org/MGASA-2013-0185.htmlsecalert_us@oracle.com
N/A
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880secalert_us@oracle.com
N/A
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880secalert_us@oracle.com
N/A
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/89d9ec9e80c1secalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.htmlsecalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.htmlsecalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.htmlsecalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.htmlsecalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.htmlsecalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.htmlsecalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.htmlsecalert_us@oracle.com
N/A
http://marc.info/?l=bugtraq&m=137545505800971&w=2secalert_us@oracle.com
N/A
http://marc.info/?l=bugtraq&m=137545592101387&w=2secalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2013-0963.htmlsecalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2013-1059.htmlsecalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2013-1060.htmlsecalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2013-1081.htmlsecalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2013-1455.htmlsecalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2013-1456.htmlsecalert_us@oracle.com
N/A
http://secunia.com/advisories/54154secalert_us@oracle.com
N/A
http://security.gentoo.org/glsa/glsa-201406-32.xmlsecalert_us@oracle.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21642336secalert_us@oracle.com
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:183secalert_us@oracle.com
N/A
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.htmlsecalert_us@oracle.com
Vendor Advisory
http://www.securityfocus.com/bid/60651secalert_us@oracle.com
N/A
http://www.us-cert.gov/ncas/alerts/TA13-169Asecalert_us@oracle.com
US Government Resource
https://access.redhat.com/errata/RHSA-2014:0414secalert_us@oracle.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=975099secalert_us@oracle.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16806secalert_us@oracle.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19348secalert_us@oracle.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19517secalert_us@oracle.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19655secalert_us@oracle.com
N/A
http://advisories.mageia.org/MGASA-2013-0185.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880af854a3a-2127-422b-91ae-364da2661108
N/A
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880af854a3a-2127-422b-91ae-364da2661108
N/A
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/89d9ec9e80c1af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=137545505800971&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=137545592101387&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2013-0963.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2013-1059.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2013-1060.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2013-1081.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2013-1455.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2013-1456.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/54154af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-201406-32.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21642336af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:183af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/60651af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.us-cert.gov/ncas/alerts/TA13-169Aaf854a3a-2127-422b-91ae-364da2661108
US Government Resource
https://access.redhat.com/errata/RHSA-2014:0414af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=975099af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16806af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19348af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19517af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19655af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://advisories.mageia.org/MGASA-2013-0185.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/89d9ec9e80c1
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=137545505800971&w=2
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=137545592101387&w=2
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0963.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1059.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1060.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1081.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1455.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1456.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/54154
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201406-32.xml
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21642336
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:183
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
Source: secalert_us@oracle.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/60651
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.us-cert.gov/ncas/alerts/TA13-169A
Source: secalert_us@oracle.com
Resource:
US Government Resource
Hyperlink: https://access.redhat.com/errata/RHSA-2014:0414
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=975099
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16806
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19348
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19517
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19655
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://advisories.mageia.org/MGASA-2013-0185.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/89d9ec9e80c1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=137545505800971&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=137545592101387&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0963.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1059.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1060.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1081.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1455.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1456.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/54154
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201406-32.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21642336
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:183
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/60651
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.us-cert.gov/ncas/alerts/TA13-169A
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: https://access.redhat.com/errata/RHSA-2014:0414
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=975099
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16806
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19348
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19517
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19655
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

600Records found
CVE-2008-4556
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-79.31% / 99.04%
||
7 Day CHG~0.00%
Published-14 Oct, 2008 | 22:00
Updated-07 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarisn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-2144
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-19.98% / 95.26%
||
7 Day CHG~0.00%
Published-12 May, 2008 | 19:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunosn/a
CVE-2008-4619
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.93% / 92.24%
||
7 Day CHG~0.00%
Published-20 Oct, 2008 | 22:00
Updated-07 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2uaddr function. NOTE: this might be a duplicate of CVE-2007-0165.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunosn/a
CVE-2008-4541
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-15.79% / 94.47%
||
7 Day CHG~0.00%
Published-13 Oct, 2008 | 18:00
Updated-07 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_web_proxy_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-0339
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-27.19% / 96.21%
||
7 Day CHG~0.00%
Published-17 Jan, 2008 | 22:00
Updated-07 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB01.

Action-Not Available
Vendor-n/aOracle Corporation
Product-database_servern/a
CVE-2008-4006
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-2.33% / 84.20%
||
7 Day CHG~0.00%
Published-14 Jan, 2009 | 01:00
Updated-07 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.1.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aOracle Corporation
Product-secure_backupn/a
CVE-2014-0397
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-0.96% / 75.62%
||
7 Day CHG~0.00%
Published-06 Oct, 2014 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 and 11.1 have unspecified impact and attack vectors related to "Buffer errors."

Action-Not Available
Vendor-n/aOracle Corporation
Product-solarisn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-4008
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-85.81% / 99.33%
||
7 Day CHG~0.00%
Published-14 Oct, 2008 | 21:00
Updated-07 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a stack-based buffer overflow in the WebLogic Apache Connector, related to an invalid parameter.

Action-Not Available
Vendor-n/aOracle Corporation
Product-bea_product_suiten/a
CVE-2007-5531
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.13% / 83.48%
||
7 Day CHG~0.00%
Published-17 Oct, 2007 | 23:00
Updated-07 Aug, 2024 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Help for Web, as used in Oracle Application Server, Oracle Database 10.2.0.3, and Enterprise Manager 10.1.0.6, has unknown impact and remote attack vectors, aka EM02.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_serverdatabase_serverenterprise_managern/a
CVE-2020-1747
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.59% / 85.02%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 13:56
Updated-04 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.

Action-Not Available
Vendor-pyyamlopenSUSERed Hat, Inc.Fedora ProjectOracle Corporation
Product-communications_cloud_native_core_network_function_cloud_native_environmentfedorapyyamlleapPyYAML
CWE ID-CWE-20
Improper Input Validation
CVE-2014-0410
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-5.42% / 89.77%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 02:50
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2022-1292
Matching Score-8
Assigner-OpenSSL Software Foundation
ShareView Details
Matching Score-8
Assigner-OpenSSL Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-49.69% / 97.73%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 15:15
Updated-13 Aug, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The c_rehash script allows command injection

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).

Action-Not Available
Vendor-Oracle CorporationFedora ProjectDebian GNU/LinuxOpenSSLSiemens AGNetApp, Inc.
Product-clustered_data_ontapopensslsolidfire_\&_hci_management_nodemysql_workbenchenterprise_manager_ops_centera700s_firmwaresolidfire\,_enterprise_sds_\&_hci_storage_nodeaff_500f_firmwarebrownfield_connectivity_gatewayh300e_firmwarefas_8300_firmwareaff_500ffedoraa250_firmwareh700eh500e_firmwarea250snapcenteraff_a400active_iq_unified_manageraff_8700fabric-attached_storage_a400_firmwaredebian_linuxh300ea700sfas_500f_firmwarefas_8700aff_8300h300s_firmwareaff_a400_firmwarefabric-attached_storage_a400oncommand_insightfas_8300fas_8700_firmwarefas_500fh410s_firmwaresnapmanagerh300sh700e_firmwareaff_8700_firmwareclustered_data_ontap_antivirus_connectorsantricity_smi-s_providerh700saff_8300_firmwareh500eh700s_firmwareoncommand_workflow_automationh410sh500s_firmwaresmi-s_providerh500smysql_serverOpenSSL
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2008-3551
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.43% / 89.78%
||
7 Day CHG~0.00%
Published-08 Aug, 2008 | 19:00
Updated-07 Aug, 2024 | 09:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Sun Java Platform Micro Edition (aka Java ME, J2ME, or mobile Java), as distributed in Sun Wireless Toolkit 2.5.2, allow remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a company led by a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_platform_micro_editionwireless_toolkitn/a
CVE-2014-0415
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-5.42% / 89.77%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 02:50
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0418, and CVE-2014-0424.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2008-3870
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-10||HIGH
EPSS-30.62% / 96.56%
||
7 Day CHG~0.00%
Published-26 May, 2009 | 21:00
Updated-07 Aug, 2024 | 09:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarisn/a
CWE ID-CWE-189
Not Available
CVE-2014-0428
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.13% / 91.83%
||
7 Day CHG-1.36%
Published-15 Jan, 2014 | 02:50
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2015-2722
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-10||HIGH
EPSS-2.29% / 84.06%
||
7 Day CHG~0.00%
Published-06 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.

Action-Not Available
Vendor-n/aMozilla CorporationOracle CorporationNovell
Product-solarisfirefoxfirefox_esrsuse_linux_enterprise_serversuse_linux_enterprise_desktopsuse_linux_enterprise_software_development_kitn/a
CVE-2008-3111
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-13.36% / 93.92%
||
7 Day CHG~0.00%
Published-09 Jul, 2008 | 23:00
Updated-07 Aug, 2024 | 09:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjresdkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2013-5817
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-9.94% / 92.73%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5610
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-10||HIGH
EPSS-0.88% / 74.44%
||
7 Day CHG~0.00%
Published-11 Dec, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSESUSEFedora ProjectOracle CorporationCanonical Ltd.
Product-solarisfedorafirefoxseamonkeyubuntu_linuxopensuselinux_enterprise_desktoplinux_enterprise_serverlinux_enterprise_software_development_kitn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2013-5787
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.12%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5789, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5824
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.12%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5832, and CVE-2013-5852.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5809
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-20.98% / 95.43%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5829.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5830
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-14.28% / 94.14%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

Action-Not Available
Vendor-n/aRed Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverenterprise_linux_server_ausenterprise_linux_eusjrockitenterprise_linux_desktopubuntu_linuxjdkenterprise_linux_workstationjren/a
CVE-2008-3108
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-10.64% / 93.00%
||
7 Day CHG~0.00%
Published-09 Jul, 2008 | 23:00
Updated-07 Aug, 2024 | 09:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jrejdksdkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-5843
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.90% / 89.18%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aRed Hat, Inc.Oracle Corporation
Product-enterprise_linux_serverenterprise_linux_server_ausenterprise_linux_eusenterprise_linux_desktopjdkenterprise_linux_workstationjavafxjren/a
CVE-2013-5829
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-15.43% / 94.39%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5809.

Action-Not Available
Vendor-n/aRed Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverenterprise_linux_server_ausenterprise_linux_eusenterprise_linux_desktopubuntu_linuxjdkenterprise_linux_workstationjren/a
CVE-2013-5814
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-9.94% / 92.73%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2020-14343
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-13.70% / 94.01%
||
7 Day CHG-0.92%
Published-09 Feb, 2021 | 00:00
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.

Action-Not Available
Vendor-pyyamln/aOracle Corporation
Product-communications_cloud_native_core_network_function_cloud_native_environmentpyyamlPyYAML
CWE ID-CWE-20
Improper Input Validation
CVE-2013-5788
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-1.09% / 77.09%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2013-5842
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-28.61% / 96.36%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5850.

Action-Not Available
Vendor-n/aRed Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverenterprise_linux_server_ausenterprise_linux_eusenterprise_linux_desktopubuntu_linuxjdkenterprise_linux_workstationjren/a
CVE-2013-5907
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-19.32% / 95.14%
||
7 Day CHG-6.29%
Published-15 Jan, 2014 | 01:33
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrockitjrejdkn/a
CVE-2020-14882
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-94.45% / 99.99%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 14:04
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-weblogic_serverWebLogic ServerWebLogic Server
CVE-2020-14855
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-5.09% / 89.40%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 14:04
Updated-26 Sep, 2024 | 20:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in takeover of Oracle Universal Work Queue. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-universal_work_queueUniversal Work Queue
CVE-2008-3553
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.15% / 89.48%
||
7 Day CHG~0.00%
Published-08 Aug, 2008 | 19:00
Updated-07 Aug, 2024 | 09:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition devices allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka "ISSUES 3-10." NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a company led by a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Action-Not Available
Vendor-n/aNokia CorporationSun Microsystems (Oracle Corporation)
Product-j2meseries_40n/a
CWE ID-CWE-264
Not Available
CVE-2015-0235
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-10||HIGH
EPSS-85.84% / 99.34%
||
7 Day CHG~0.00%
Published-28 Jan, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Action-Not Available
Vendor-n/aGNURed Hat, Inc.The PHP GroupApple Inc.IBM CorporationDebian GNU/LinuxOracle Corporation
Product-communications_eagle_lnp_application_processorcommunications_session_border_controllercommunications_webrtc_session_controllerphpdebian_linuxlinuxvirtualizationcommunications_eagle_application_processorexalogic_infrastructurecommunications_lsmscommunications_application_session_controllervm_virtualboxpureapplication_systemsecurity_access_manager_for_enterprise_single_sign-oncommunications_policy_managementglibcmac_os_xcommunications_user_data_repositoryn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2015-0408
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-11.78% / 93.45%
||
7 Day CHG~0.00%
Published-21 Jan, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.

Action-Not Available
Vendor-n/aOracle CorporationopenSUSERed Hat, Inc.Debian GNU/LinuxNovellCanonical Ltd.
Product-enterprise_linuxopensuseubuntu_linuxsuse_linux_enterprise_serverjdksuse_linux_enterprise_desktopdebian_linuxjren/a
CVE-2020-14859
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-4.77% / 89.04%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 14:04
Updated-26 Sep, 2024 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-weblogic_serverWebLogic Server
CVE-2013-4316
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-10||HIGH
EPSS-7.07% / 91.13%
||
7 Day CHG~0.00%
Published-30 Sep, 2013 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aThe Apache Software FoundationOracle Corporation
Product-strutsflexcube_private_bankingmysql_enterprise_monitorwebcenter_sitesn/a
CWE ID-CWE-284
Improper Access Control
CVE-2020-14871
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||CRITICAL
EPSS-89.80% / 99.54%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 14:04
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: This CVE is not exploitable for Solaris 11.1 and later releases, and ZFSSA 8.7 and later releases, thus the CVSS Base Score is 0.0. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-solarisSolaris Operating SystemsolarisSolaris and Zettabyte File System (ZFS)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2008-3112
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.38% / 91.96%
||
7 Day CHG~0.00%
Published-09 Jul, 2008 | 23:00
Updated-07 Aug, 2024 | 09:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjresdkn/a
CWE ID-CWE-264
Not Available
CVE-2008-3113
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-22.99% / 95.70%
||
7 Day CHG~0.00%
Published-09 Jul, 2008 | 23:00
Updated-07 Aug, 2024 | 09:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjresdkn/a
CWE ID-CWE-264
Not Available
CVE-2008-3257
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-78.22% / 98.98%
||
7 Day CHG~0.00%
Published-22 Jul, 2008 | 16:00
Updated-07 Aug, 2024 | 09:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.

Action-Not Available
Vendor-n/aOracle CorporationBEA Systems, Inc.
Product-apache_connector_in_weblogic_serverweblogic_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-2133
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.12% / 77.36%
||
7 Day CHG~0.00%
Published-18 Apr, 2007 | 18:00
Updated-07 Aug, 2024 | 13:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the PeopleSoft Enterprise Human Capital Management component in Oracle PeopleSoft Enterprise 8.9 has unknown impact and attack vectors, aka PSEHCM01.

Action-Not Available
Vendor-n/aOracle Corporation
Product-peoplesoft_enterprisen/a
CVE-2008-3107
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-14.53% / 94.19%
||
7 Day CHG~0.00%
Published-09 Jul, 2008 | 23:00
Updated-07 Aug, 2024 | 09:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjresdkn/a
CWE ID-CWE-264
Not Available
CVE-2008-3869
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-10||HIGH
EPSS-33.28% / 96.77%
||
7 Day CHG~0.00%
Published-26 May, 2009 | 21:00
Updated-07 Aug, 2024 | 09:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarisn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-2473
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-27.32% / 96.22%
||
7 Day CHG~0.00%
Published-18 Jun, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2008-1825
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.93% / 75.13%
||
7 Day CHG~0.00%
Published-16 Apr, 2008 | 10:00
Updated-07 Aug, 2024 | 08:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 has unknown impact and remote attack vectors, aka AS03.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_server_9in/a
CVE-2014-6549
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-1.07% / 76.85%
||
7 Day CHG~0.00%
Published-21 Jan, 2015 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2013-2420
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-6.20% / 90.49%
||
7 Day CHG~0.00%
Published-17 Apr, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 11
  • 12
  • Next
Details not found