Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat icedtea vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2012-3422
The getFirstInTableInstance function in the IcedTea-Web plugin prior to 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web...
Redhat Icedtea-web
Redhat Icedtea-web 1.1
Redhat Icedtea-web 1.0
668
VMScore
CVE-2012-3423
The IcedTea-Web plugin prior to 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote malicious users to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.
Redhat Icedtea-web
Redhat Icedtea-web 1.1
Redhat Icedtea-web 1.0
187
VMScore
CVE-2012-1717
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and previous versions, 6 update 32 and previous versions, 5 update 35 and previous versions, and 1.4.2_37 and previous versions allows local users to affect confidentiality via ...
Oracle Jre
Oracle Jre 1.5.0
Oracle Jre 1.6.0
Oracle Jre 1.7.0
Oracle Jdk
Oracle Jdk 1.5.0
Oracle Jdk 1.6.0
Oracle Jdk 1.7.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux For Scientific Computing 6.0
Redhat Enterprise Linux For Power Big Endian 5.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux For Ibm Z Systems 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 6.2
Redhat Enterprise Linux Server From Rhui 6.0
Redhat Satellite With Embedded Oracle 5.5
Redhat Icedtea6
384
VMScore
CVE-2011-3389
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle malicious users...
Opera Opera Browser -
Microsoft Internet Explorer -
Microsoft Windows -
Google Chrome -
Mozilla Firefox -
Siemens Simatic Rf68xr Firmware
Siemens Simatic Rf615r Firmware
Haxx Curl
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 6.2
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 10.04
2 Github repositories
1 Article
668
VMScore
CVE-2011-0706
The JNLPClassLoader class in IcedTea-Web prior to 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote malicious users to gain privileges via unknown vectors related to multiple signers and the assignment of "an inappropriate security descriptor."
Redhat Icedtea-web 1.0
Redhat Icedtea-web 1.0.1
Sun Jdk 1.6.0
605
VMScore
CVE-2011-0025
IcedTea 1.7 prior to 1.7.8, 1.8 prior to 1.8.5, and 1.9 prior to 1.9.5 does not properly verify signatures for JAR files that (1) are "partially signed" or (2) signed by multiple entities, which allows remote malicious users to trick users into executing code that appea...
Redhat Icedtea 1.9.3
Redhat Icedtea 1.8.1
Redhat Icedtea 1.9.4
Redhat Icedtea 1.7.7
Redhat Icedtea 1.7.2
Redhat Icedtea 1.8.3
Redhat Icedtea 1.8
Redhat Icedtea 1.7.3
Redhat Icedtea 1.7.5
Redhat Icedtea 1.8.4
Redhat Icedtea 1.7.4
Redhat Icedtea 1.7.6
Redhat Icedtea 1.8.2
Redhat Icedtea 1.7.1
Redhat Icedtea 1.9.2
Redhat Icedtea 1.9
Redhat Icedtea 1.9.1
Redhat Icedtea 1.7
605
VMScore
CVE-2010-4351
The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 prior to 1.7.7, 1.8 prior to 1.8.4, and 1.9 prior to 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent malicious users ...
Redhat Icedtea 1.7
Redhat Icedtea 1.7.1
Redhat Icedtea 1.7.2
Redhat Icedtea 1.7.3
Redhat Icedtea 1.7.4
Redhat Icedtea 1.7.5
Redhat Icedtea 1.7.6
Redhat Icedtea 1.8
Redhat Icedtea 1.8.1
Redhat Icedtea 1.8.2
Redhat Icedtea 1.8.3
Redhat Icedtea 1.9
Redhat Icedtea 1.9.1
Redhat Icedtea 1.9.2
Redhat Icedtea 1.9.3
445
VMScore
CVE-2010-3860
IcedTea 1.7.x prior to 1.7.6, 1.8.x prior to 1.8.3, and 1.9.x prior to 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote malicious users to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home syst...
Redhat Icedtea 1.8
Redhat Icedtea 1.8.1
Redhat Icedtea 1.8.2
Redhat Icedtea 1.9
Redhat Icedtea
Redhat Icedtea 1.5
Redhat Icedtea 1.6
Redhat Icedtea 1.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2