Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openjdk vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-20264
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confid...
Oracle Openjdk 1.8.0
Oracle Openjdk 11
NA
CVE-2012-2739
Oracle Java SE prior to 7 Update 6, and OpenJDK 7 prior to 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption...
Oracle Jre 1.7.0
Oracle Jdk 1.7.0
Oracle Jre
Oracle Jdk
Oracle Openjdk
Oracle Openjdk 1.6.0
Oracle Openjdk 1.8.0
3.1
CVSSv3
CVE-2021-2341
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerabi...
Oracle Openjdk 8
Oracle Openjdk 11.0.11
Oracle Graalvm 20.3.2
Oracle Graalvm 21.1.0
Oracle Openjdk 16.0.1
Oracle Openjdk 7
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
2 Github repositories
NA
CVE-2009-1896
The Java Web Start framework in IcedTea in OpenJDK prior to 1.6.0.0-20.b16.fc10 on Fedora 10, and prior to 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent malicious users to execut...
Sun Openjdk
NA
CVE-2014-8873
A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type registration that is added to /etc/mailcap by mime-support, which allows remote malicious users to execute arbitrary code via a JAR file.
Oracle Openjdk 1.7.0
NA
CVE-2014-0462
Unspecified vulnerability in OpenJDK 6 prior to 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405.
Oracle Openjdk 1.6.0
NA
CVE-2014-2405
Unspecified vulnerability in OpenJDK 6 prior to 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462.
Oracle Openjdk 1.6.0
NA
CVE-2009-0794
Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote malicious users to cause a denial of service (applet crash) via a crafted Pul...
Sun Openjdk 1.6.0.0
NA
CVE-2009-2475
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent malicious users to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefine...
Sun Java Se
Sun Openjdk
NA
CVE-2009-2476
The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent malicious users to bypass intended access restrictions by leveraging finalizer resurrection to obtain a re...
Sun Openjdk
Sun Java Se
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »