Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2014-4227

Summary
Assigner-oracle
Assigner Org ID-43595867-4340-4103-b7a2-9a5208d29a85
Published At-17 Jul, 2014 | 02:36
Updated At-06 Aug, 2024 | 11:12
Rejected At-
Credits

Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:oracle
Assigner Org ID:43595867-4340-4103-b7a2-9a5208d29a85
Published At:17 Jul, 2014 | 02:36
Updated At:06 Aug, 2024 | 11:12
Rejected At:
▼CVE Numbering Authority (CNA)

Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
x_refsource_CONFIRM
http://www.securityfocus.com/bid/68603
vdb-entry
x_refsource_BID
http://www.securitytracker.com/id/1030577
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/59987
third-party-advisory
x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140852974709252&w=2
vendor-advisory
x_refsource_HP
http://www.securityfocus.com/archive/1/534161/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/59986
third-party-advisory
x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2015-0264.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/60245
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/60817
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/59924
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/61577
third-party-advisory
x_refsource_SECUNIA
https://access.redhat.com/errata/RHSA-2014:0908
vendor-advisory
x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
vendor-advisory
x_refsource_SUSE
http://marc.info/?l=bugtraq&m=140852974709252&w=2
vendor-advisory
x_refsource_HP
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
x_refsource_CONFIRM
http://secunia.com/advisories/59680
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21686383
x_refsource_CONFIRM
http://seclists.org/fulldisclosure/2014/Dec/23
mailing-list
x_refsource_FULLDISC
http://www-01.ibm.com/support/docview.wss?uid=swg21680334
x_refsource_CONFIRM
http://secunia.com/advisories/60622
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/60081
third-party-advisory
x_refsource_SECUNIA
https://access.redhat.com/errata/RHSA-2014:0902
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/61640
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21686824
x_refsource_CONFIRM
http://security.gentoo.org/glsa/glsa-201502-12.xml
vendor-advisory
x_refsource_GENTOO
http://secunia.com/advisories/60317
third-party-advisory
x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
vendor-advisory
x_refsource_SUSE
https://exchange.xforce.ibmcloud.com/vulnerabilities/94588
vdb-entry
x_refsource_XF
http://secunia.com/advisories/59404
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2014-0012.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/68603
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.securitytracker.com/id/1030577
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/59987
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://marc.info/?l=bugtraq&m=140852974709252&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.securityfocus.com/archive/1/534161/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/59986
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-0264.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/60245
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/60817
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/59924
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/61577
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://access.redhat.com/errata/RHSA-2014:0908
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://marc.info/?l=bugtraq&m=140852974709252&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/59680
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686383
Resource:
x_refsource_CONFIRM
Hyperlink: http://seclists.org/fulldisclosure/2014/Dec/23
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21680334
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/60622
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/60081
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://access.redhat.com/errata/RHSA-2014:0902
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/61640
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686824
Resource:
x_refsource_CONFIRM
Hyperlink: http://security.gentoo.org/glsa/glsa-201502-12.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/60317
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/94588
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://secunia.com/advisories/59404
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/68603
vdb-entry
x_refsource_BID
x_transferred
http://www.securitytracker.com/id/1030577
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/59987
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://marc.info/?l=bugtraq&m=140852974709252&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://www.securityfocus.com/archive/1/534161/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/59986
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://rhn.redhat.com/errata/RHSA-2015-0264.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/60245
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/60817
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/59924
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/61577
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://access.redhat.com/errata/RHSA-2014:0908
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://marc.info/?l=bugtraq&m=140852974709252&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/59680
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21686383
x_refsource_CONFIRM
x_transferred
http://seclists.org/fulldisclosure/2014/Dec/23
mailing-list
x_refsource_FULLDISC
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21680334
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/60622
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/60081
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://access.redhat.com/errata/RHSA-2014:0902
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/61640
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21686824
x_refsource_CONFIRM
x_transferred
http://security.gentoo.org/glsa/glsa-201502-12.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://secunia.com/advisories/60317
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/94588
vdb-entry
x_refsource_XF
x_transferred
http://secunia.com/advisories/59404
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2014-0012.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/68603
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securitytracker.com/id/1030577
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/59987
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=140852974709252&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/534161/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/59986
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-0264.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/60245
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/60817
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/59924
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/61577
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2014:0908
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=140852974709252&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/59680
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686383
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://seclists.org/fulldisclosure/2014/Dec/23
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21680334
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/60622
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/60081
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2014:0902
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/61640
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686824
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-201502-12.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/60317
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/94588
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://secunia.com/advisories/59404
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert_us@oracle.com
Published At:17 Jul, 2014 | 05:10
Updated At:12 Apr, 2025 | 10:46

Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update75:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.8.0
cpe:2.3:a:oracle:jdk:1.8.0:update5:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update75:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.8.0
cpe:2.3:a:oracle:jre:1.8.0:update5:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Per: http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.htmlsecalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.htmlsecalert_us@oracle.com
N/A
http://marc.info/?l=bugtraq&m=140852974709252&w=2secalert_us@oracle.com
N/A
http://marc.info/?l=bugtraq&m=140852974709252&w=2secalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-0264.htmlsecalert_us@oracle.com
N/A
http://seclists.org/fulldisclosure/2014/Dec/23secalert_us@oracle.com
N/A
http://secunia.com/advisories/59404secalert_us@oracle.com
N/A
http://secunia.com/advisories/59680secalert_us@oracle.com
N/A
http://secunia.com/advisories/59924secalert_us@oracle.com
N/A
http://secunia.com/advisories/59986secalert_us@oracle.com
N/A
http://secunia.com/advisories/59987secalert_us@oracle.com
N/A
http://secunia.com/advisories/60081secalert_us@oracle.com
N/A
http://secunia.com/advisories/60245secalert_us@oracle.com
N/A
http://secunia.com/advisories/60317secalert_us@oracle.com
N/A
http://secunia.com/advisories/60622secalert_us@oracle.com
N/A
http://secunia.com/advisories/60817secalert_us@oracle.com
N/A
http://secunia.com/advisories/61577secalert_us@oracle.com
N/A
http://secunia.com/advisories/61640secalert_us@oracle.com
N/A
http://security.gentoo.org/glsa/glsa-201502-12.xmlsecalert_us@oracle.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21680334secalert_us@oracle.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21686383secalert_us@oracle.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21686824secalert_us@oracle.com
N/A
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.htmlsecalert_us@oracle.com
Vendor Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threadedsecalert_us@oracle.com
N/A
http://www.securityfocus.com/bid/68603secalert_us@oracle.com
N/A
http://www.securitytracker.com/id/1030577secalert_us@oracle.com
N/A
http://www.vmware.com/security/advisories/VMSA-2014-0012.htmlsecalert_us@oracle.com
N/A
https://access.redhat.com/errata/RHSA-2014:0902secalert_us@oracle.com
N/A
https://access.redhat.com/errata/RHSA-2014:0908secalert_us@oracle.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/94588secalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=140852974709252&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=140852974709252&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-0264.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://seclists.org/fulldisclosure/2014/Dec/23af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/59404af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/59680af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/59924af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/59986af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/59987af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/60081af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/60245af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/60317af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/60622af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/60817af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/61577af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/61640af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-201502-12.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21680334af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21686383af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21686824af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/68603af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1030577af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vmware.com/security/advisories/VMSA-2014-0012.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
https://access.redhat.com/errata/RHSA-2014:0902af854a3a-2127-422b-91ae-364da2661108
N/A
https://access.redhat.com/errata/RHSA-2014:0908af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/94588af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=140852974709252&w=2
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=140852974709252&w=2
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-0264.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2014/Dec/23
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/59404
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/59680
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/59924
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/59986
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/59987
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/60081
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/60245
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/60317
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/60622
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/60817
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/61577
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/61640
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201502-12.xml
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21680334
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686383
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686824
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Source: secalert_us@oracle.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/534161/100/0/threaded
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/68603
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1030577
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2014-0012.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2014:0902
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2014:0908
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/94588
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=140852974709252&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=140852974709252&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2015-0264.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2014/Dec/23
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/59404
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/59680
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/59924
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/59986
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/59987
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/60081
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/60245
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/60317
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/60622
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/60817
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/61577
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/61640
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201502-12.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21680334
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686383
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686824
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/534161/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/68603
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1030577
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2014-0012.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2014:0902
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2014:0908
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/94588
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

409Records found
CVE-2008-5457
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-83.27% / 99.22%
||
7 Day CHG~0.00%
Published-14 Jan, 2009 | 02:00
Updated-07 Aug, 2024 | 10:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aOracle Corporation
Product-bea_product_suiten/a
CVE-2008-5449
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.50% / 88.68%
||
7 Day CHG~0.00%
Published-14 Jan, 2009 | 01:00
Updated-07 Aug, 2024 | 10:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5444 and CVE-2008-5448.

Action-Not Available
Vendor-n/aOracle Corporation
Product-secure_backupn/a
CVE-2008-5448
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-84.01% / 99.26%
||
7 Day CHG~0.00%
Published-14 Jan, 2009 | 01:00
Updated-07 Aug, 2024 | 10:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5444 and CVE-2008-5449.

Action-Not Available
Vendor-n/aOracle Corporation
Product-secure_backupn/a
CVE-2015-0235
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-10||HIGH
EPSS-85.84% / 99.34%
||
7 Day CHG~0.00%
Published-28 Jan, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Action-Not Available
Vendor-n/aGNURed Hat, Inc.The PHP GroupApple Inc.IBM CorporationDebian GNU/LinuxOracle Corporation
Product-communications_eagle_lnp_application_processorcommunications_session_border_controllercommunications_webrtc_session_controllerphpdebian_linuxlinuxvirtualizationcommunications_eagle_application_processorexalogic_infrastructurecommunications_lsmscommunications_application_session_controllervm_virtualboxpureapplication_systemsecurity_access_manager_for_enterprise_single_sign-oncommunications_policy_managementglibcmac_os_xcommunications_user_data_repositoryn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2015-0408
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-11.78% / 93.44%
||
7 Day CHG~0.00%
Published-21 Jan, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.

Action-Not Available
Vendor-n/aOracle CorporationopenSUSERed Hat, Inc.Debian GNU/LinuxNovellCanonical Ltd.
Product-enterprise_linuxopensuseubuntu_linuxsuse_linux_enterprise_serverjdksuse_linux_enterprise_desktopdebian_linuxjren/a
CVE-2015-0469
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-9.20% / 92.38%
||
7 Day CHG~0.00%
Published-16 Apr, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2015-0459
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-10.71% / 93.03%
||
7 Day CHG~0.00%
Published-16 Apr, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.

Action-Not Available
Vendor-n/aOracle CorporationNovellopenSUSE
Product-opensusejdksuse_linux_enterprise_desktopjavafxjren/a
CVE-2015-0491
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.40% / 91.94%
||
7 Day CHG~0.00%
Published-16 Apr, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459.

Action-Not Available
Vendor-n/aOracle CorporationopenSUSESUSE
Product-opensusejdksuse_linux_enterprise_desktopjavafxjren/a
CVE-2014-8873
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-7.64% / 91.50%
||
7 Day CHG~0.00%
Published-09 Nov, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type registration that is added to /etc/mailcap by mime-support, which allows remote attackers to execute arbitrary code via a JAR file.

Action-Not Available
Vendor-n/aOracle Corporation
Product-openjdkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-5444
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-79.04% / 99.03%
||
7 Day CHG~0.00%
Published-14 Jan, 2009 | 01:00
Updated-07 Aug, 2024 | 10:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5448 and CVE-2008-5449.

Action-Not Available
Vendor-n/aOracle Corporation
Product-secure_backupn/a
CVE-2014-7169
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-90.11% / 99.56%
||
7 Day CHG+1.59%
Published-25 Sep, 2014 | 01:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-07-28||Apply updates per vendor instructions.

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

Action-Not Available
Vendor-mageian/aIBM CorporationVMware (Broadcom Inc.)F5, Inc.Oracle CorporationNovellCitrix (Cloud Software Group, Inc.)SUSEApple Inc.Red Hat, Inc.openSUSEDebian GNU/LinuxArista Networks, Inc.Check Point Software Technologies Ltd.GNUQNAP Systems, Inc.Canonical Ltd.
Product-san_volume_controller_firmwaresmartcloud_entry_appliancesmartcloud_provisioningenterprise_managerbig-ip_local_traffic_managerarxenterprise_linux_for_power_big_endianstorwize_v5000_firmwareenterprise_linux_server_ausbig-ip_edge_gatewayzenworks_configuration_managementarx_firmwarebig-ip_application_acceleration_managerbig-ip_application_security_managerbig-ip_global_traffic_managerbig-ip_webacceleratorstorwize_v3500_firmwareenterprise_linuxenterprise_linux_serversecurity_access_manager_for_web_7.0_firmwarebig-ip_analyticsqtsstn6500virtualizationsan_volume_controllerenterprise_linux_for_ibm_z_systemsstudio_onsiteubuntu_linuxesxstorwize_v3700_firmwarestn6800_firmwareenterprise_linux_server_tusinfosphere_guardium_database_activity_monitoringbig-iq_devicelinux_enterprise_serverbig-ip_access_policy_managerstorwize_v5000stn6800qradar_vulnerability_managersecurity_access_manager_for_web_8.0_firmwaredebian_linuxlinuxbig-iq_securitystarter_kit_for_cloudqradar_security_information_and_event_managerqradar_risk_managerbig-ip_link_controllernetscaler_sdxpureapplication_systembig-ip_wan_optimization_manageropensuseopen_enterprise_serverenterprise_linux_desktopsoftware_defined_network_for_virtual_environmentsmageiaeosstorwize_v3500storwize_v7000mac_os_xtraffix_signaling_delivery_controllerenterprise_linux_eussecurity_gatewaybashnetscaler_sdx_firmwarestn7800_firmwareenterprise_linux_for_power_big_endian_euslinux_enterprise_desktopstn6500_firmwarebig-ip_advanced_firewall_managerbig-iq_cloudlinux_enterprise_software_development_kitbig-ip_protocol_security_modulestorwize_v7000_firmwareworkload_deployersecurity_access_manager_for_mobile_8.0_firmwarestn7800enterprise_linux_for_scientific_computingstorwize_v3700enterprise_linux_server_from_rhuienterprise_linux_workstationflex_system_v7000gluster_storage_server_for_on-premisevcenter_server_appliancebig-ip_policy_enforcement_managerflex_system_v7000_firmwaren/aBourne-Again Shell (Bash)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2014-6601
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-14.10% / 94.09%
||
7 Day CHG~0.00%
Published-21 Jan, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

Action-Not Available
Vendor-n/aOracle CorporationopenSUSERed Hat, Inc.Debian GNU/LinuxNovellCanonical Ltd.
Product-enterprise_linuxopensuseubuntu_linuxsuse_linux_enterprise_serverjdksuse_linux_enterprise_desktopdebian_linuxjren/a
CVE-2014-6271
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-9.8||CRITICAL
EPSS-94.14% / 99.90%
||
7 Day CHG~0.00%
Published-24 Sep, 2014 | 18:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-07-28||Apply updates per vendor instructions.

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

Action-Not Available
Vendor-mageian/aIBM CorporationVMware (Broadcom Inc.)F5, Inc.Oracle CorporationNovellCitrix (Cloud Software Group, Inc.)SUSEApple Inc.Red Hat, Inc.openSUSEDebian GNU/LinuxArista Networks, Inc.Check Point Software Technologies Ltd.GNUQNAP Systems, Inc.Canonical Ltd.
Product-san_volume_controller_firmwaresmartcloud_entry_appliancesmartcloud_provisioningenterprise_managerbig-ip_local_traffic_managerarxenterprise_linux_for_power_big_endianstorwize_v5000_firmwareenterprise_linux_server_ausbig-ip_edge_gatewayzenworks_configuration_managementarx_firmwarebig-ip_application_acceleration_managerbig-ip_application_security_managerbig-ip_global_traffic_managerbig-ip_webacceleratorstorwize_v3500_firmwareenterprise_linuxenterprise_linux_serversecurity_access_manager_for_web_7.0_firmwarebig-ip_analyticsqtsstn6500virtualizationsan_volume_controllerenterprise_linux_for_ibm_z_systemsstudio_onsiteubuntu_linuxesxstorwize_v3700_firmwarestn6800_firmwareenterprise_linux_server_tusinfosphere_guardium_database_activity_monitoringbig-iq_devicelinux_enterprise_serverbig-ip_access_policy_managerstorwize_v5000stn6800qradar_vulnerability_managersecurity_access_manager_for_web_8.0_firmwaredebian_linuxlinuxbig-iq_securitystarter_kit_for_cloudqradar_security_information_and_event_managerqradar_risk_managerbig-ip_link_controllernetscaler_sdxpureapplication_systembig-ip_wan_optimization_manageropensuseopen_enterprise_serverenterprise_linux_desktopsoftware_defined_network_for_virtual_environmentsmageiaeosstorwize_v3500storwize_v7000mac_os_xtraffix_signaling_delivery_controllerenterprise_linux_eussecurity_gatewaybashnetscaler_sdx_firmwarestn7800_firmwareenterprise_linux_for_power_big_endian_euslinux_enterprise_desktopstn6500_firmwarebig-ip_advanced_firewall_managerbig-iq_cloudlinux_enterprise_software_development_kitbig-ip_protocol_security_modulestorwize_v7000_firmwareworkload_deployersecurity_access_manager_for_mobile_8.0_firmwarestn7800enterprise_linux_for_scientific_computingstorwize_v3700enterprise_linux_server_from_rhuienterprise_linux_workstationflex_system_v7000gluster_storage_server_for_on-premisevcenter_server_appliancebig-ip_policy_enforcement_managerflex_system_v7000_firmwaren/aBourne-Again Shell (Bash)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2014-2405
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-0.83% / 73.53%
||
7 Day CHG~0.00%
Published-14 May, 2014 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462.

Action-Not Available
Vendor-n/aDebian GNU/LinuxOracle CorporationCanonical Ltd.
Product-debian_linuxubuntu_linuxopenjdkn/a
CVE-2014-2421
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.19% / 91.84%
||
7 Day CHG~0.00%
Published-16 Apr, 2014 | 02:05
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.IBM CorporationCanonical Ltd.Debian GNU/LinuxOracle CorporationMicrosoft Corporation
Product-junos_spacejrockitubuntu_linuxjdkforms_viewerwindowsdebian_linuxjren/a
CVE-2014-1528
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-10||HIGH
EPSS-1.12% / 77.31%
||
7 Day CHG~0.00%
Published-30 Apr, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSEFedora ProjectCanonical Ltd.Oracle CorporationMicrosoft Corporation
Product-solarisfirefoxopensuseseamonkeyubuntu_linuxfedorawindowsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-4008
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-85.81% / 99.33%
||
7 Day CHG~0.00%
Published-14 Oct, 2008 | 21:00
Updated-07 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a stack-based buffer overflow in the WebLogic Apache Connector, related to an invalid parameter.

Action-Not Available
Vendor-n/aOracle Corporation
Product-bea_product_suiten/a
CVE-2014-1488
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-10||HIGH
EPSS-1.09% / 77.00%
||
7 Day CHG~0.00%
Published-06 Feb, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSESUSEOracle CorporationCanonical Ltd.
Product-solarisfirefoxopensuseseamonkeyubuntu_linuxlinux_enterprise_desktoplinux_enterprise_serverlinux_enterprise_software_development_kitn/a
CVE-2014-1563
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-10||HIGH
EPSS-1.15% / 77.65%
||
7 Day CHG~0.00%
Published-03 Sep, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.

Action-Not Available
Vendor-n/aMozilla CorporationOracle CorporationopenSUSE
Product-solarisfirefoxopensuseevergreenthunderbirdn/a
CWE ID-CWE-416
Use After Free
CVE-1999-0046
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.53% / 87.19%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow of rlogin program using TERM environmental variable.

Action-Not Available
Vendor-digitalbsdinextn/aNetBSDIBM CorporationDebian GNU/LinuxOracle CorporationFreeBSD FoundationSun Microsystems (Oracle Corporation)HP Inc.
Product-bsd_osnetbsdhp-uxaixsolarisultrixsunosdebian_linuxfreebsdnextstepn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-2394
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-90.66% / 99.60%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:44
Updated-26 Sep, 2024 | 14:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-weblogic_serverWebLogic Server
CVE-2014-0428
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.13% / 91.81%
||
7 Day CHG-1.36%
Published-15 Jan, 2014 | 02:50
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2014-0429
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.81% / 92.16%
||
7 Day CHG~0.00%
Published-15 Apr, 2014 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.IBM CorporationCanonical Ltd.Debian GNU/LinuxOracle CorporationMicrosoft Corporation
Product-junos_spacejrockitubuntu_linuxjdkforms_viewerwindowsdebian_linuxjren/a
CVE-2014-0410
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-5.42% / 89.76%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 02:50
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2014-0415
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-5.42% / 89.76%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 02:50
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0418, and CVE-2014-0424.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2014-0422
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.13% / 91.81%
||
7 Day CHG-1.36%
Published-15 Jan, 2014 | 02:50
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2014-0397
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-0.96% / 75.60%
||
7 Day CHG~0.00%
Published-06 Oct, 2014 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 and 11.1 have unspecified impact and attack vectors related to "Buffer errors."

Action-Not Available
Vendor-n/aOracle Corporation
Product-solarisn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-0456
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.19% / 91.84%
||
7 Day CHG~0.00%
Published-16 Apr, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.IBM CorporationCanonical Ltd.Debian GNU/LinuxOracle CorporationMicrosoft Corporation
Product-junos_spacejrockitubuntu_linuxjdkforms_viewerwindowsdebian_linuxjren/a
CVE-2008-4006
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-2.33% / 84.19%
||
7 Day CHG~0.00%
Published-14 Jan, 2009 | 01:00
Updated-07 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.1.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aOracle Corporation
Product-secure_backupn/a
CVE-2002-1641
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-13.22% / 93.87%
||
7 Day CHG~0.00%
Published-28 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_server_web_cachen/a
CVE-2001-0249
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.99% / 87.95%
||
7 Day CHG~0.00%
Published-24 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.

Action-Not Available
Vendor-n/aOracle CorporationSilicon Graphics, Inc.HP Inc.
Product-solarishp-uxirixn/a
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2015-2737
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-10||HIGH
EPSS-0.95% / 75.34%
||
7 Day CHG~0.00%
Published-06 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

Action-Not Available
Vendor-n/aMozilla CorporationSUSEDebian GNU/LinuxOracle CorporationCanonical Ltd.
Product-solarisfirefoxfirefox_esrubuntu_linuxsuse_linux_enterprise_serverlinux_enterprise_desktopthunderbirddebian_linuxlinux_enterprise_serverlinux_enterprise_software_development_kitn/a
CVE-2013-5830
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-14.28% / 94.14%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

Action-Not Available
Vendor-n/aRed Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverenterprise_linux_server_ausenterprise_linux_eusjrockitenterprise_linux_desktopubuntu_linuxjdkenterprise_linux_workstationjren/a
CVE-2013-5843
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.90% / 89.18%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aRed Hat, Inc.Oracle Corporation
Product-enterprise_linux_serverenterprise_linux_server_ausenterprise_linux_eusenterprise_linux_desktopjdkenterprise_linux_workstationjavafxjren/a
CVE-2013-5817
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-9.94% / 92.73%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5842
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-28.61% / 96.36%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5850.

Action-Not Available
Vendor-n/aRed Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverenterprise_linux_server_ausenterprise_linux_eusenterprise_linux_desktopubuntu_linuxjdkenterprise_linux_workstationjren/a
CVE-2013-5829
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-15.43% / 94.38%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5809.

Action-Not Available
Vendor-n/aRed Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverenterprise_linux_server_ausenterprise_linux_eusenterprise_linux_desktopubuntu_linuxjdkenterprise_linux_workstationjren/a
CVE-2013-5789
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.11%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5814
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-9.94% / 92.73%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5787
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.11%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5789, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5809
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-20.98% / 95.43%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5829.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5907
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-19.32% / 95.14%
||
7 Day CHG-6.29%
Published-15 Jan, 2014 | 01:33
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrockitjrejdkn/a
CVE-2013-5824
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.11%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5832, and CVE-2013-5852.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5610
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-10||HIGH
EPSS-0.88% / 74.42%
||
7 Day CHG~0.00%
Published-11 Dec, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSESUSEFedora ProjectOracle CorporationCanonical Ltd.
Product-solarisfedorafirefoxseamonkeyubuntu_linuxopensuselinux_enterprise_desktoplinux_enterprise_serverlinux_enterprise_software_development_kitn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2013-4316
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-10||HIGH
EPSS-7.07% / 91.13%
||
7 Day CHG~0.00%
Published-30 Sep, 2013 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aThe Apache Software FoundationOracle Corporation
Product-strutsflexcube_private_bankingmysql_enterprise_monitorwebcenter_sitesn/a
CWE ID-CWE-284
Improper Access Control
CVE-2013-2422
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-15.49% / 94.39%
||
7 Day CHG~0.00%
Published-17 Apr, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which allows remote attackers to bypass the Java sandbox.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-2427
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-1.26% / 78.59%
||
7 Day CHG~0.00%
Published-17 Apr, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2428.

Action-Not Available
Vendor-n/aOracle Corporation
Product-javafxjdkjren/a
CVE-2013-2466
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-7.54% / 91.43%
||
7 Day CHG~0.00%
Published-18 Jun, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2442 and CVE-2013-2468.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-2473
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-27.32% / 96.22%
||
7 Day CHG~0.00%
Published-18 Jun, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-2465
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-93.56% / 99.83%
||
7 Day CHG~0.00%
Published-18 Jun, 2013 | 22:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-18||Apply updates per vendor instructions.

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)SUSE
Product-linux_enterprise_javajrelinux_enterprise_serverlinux_enterprise_desktoplinux_enterprise_software_development_kitn/aJava SE
CWE ID-CWE-693
Protection Mechanism Failure
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 8
  • 9
  • Next
Details not found