Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun openjdk vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2009-2689
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent malicious users to bypass intended access restrictions via an untrusted (1) applet o...
Sun Java Se
Sun Openjdk
445
VMScore
CVE-2009-2690
The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent malicious users to obtain sensitive information via an untrusted (1) applet or (2) application.
Sun Openjdk
Sun Java Se
694
VMScore
CVE-2009-2475
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent malicious users to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefine...
Sun Java Se
Sun Openjdk
890
VMScore
CVE-2009-2476
The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent malicious users to bypass intended access restrictions by leveraging finalizer resurrection to obtain a re...
Sun Openjdk
Sun Java Se
890
VMScore
CVE-2009-1896
The Java Web Start framework in IcedTea in OpenJDK prior to 1.6.0.0-20.b16.fc10 on Fedora 10, and prior to 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent malicious users to execut...
Sun Openjdk
445
VMScore
CVE-2009-3728
Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote malicious users to determine the existence of local International Color Consortium (ICC...
Sun Jre 1.5.0
Sun Jre 1.6.0
Sun Openjdk
445
VMScore
CVE-2009-0794
Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote malicious users to cause a denial of service (applet crash) via a crafted Pul...
Sun Openjdk 1.6.0.0
668
VMScore
CVE-2009-3879
Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfiguration...
Sun Jre 1.5.0
Sun Jre 1.6.0
Sun Jre
Sun Openjdk
445
VMScore
CVE-2009-3880
The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows malicious users to obtain sensitive information via vector...
Sun Jre 1.5.0
Sun Jre 1.6.0
Sun Jre
Sun Openjdk
668
VMScore
CVE-2009-3881
Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote malicious users to gain privileges via unspecified vectors, related to an "information leak vulnerability,"...
Sun Jre 1.5.0
Sun Jre 1.6.0
Sun Jre
Sun Openjdk
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »