openjdk vulnerabilities and exploits
4.6
CVSSv2
CVE-2021-20264
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confid...
Oracle Openjdk 1.8.0
Oracle Openjdk 11
5
CVSSv2
CVE-2012-2739
Oracle Java SE prior to 7 Update 6, and OpenJDK 7 prior to 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption...
Oracle Jre 1.7.0
Oracle Jdk 1.7.0
Oracle Jre
Oracle Jdk
Oracle Openjdk
Oracle Openjdk 1.6.0
Oracle Openjdk 1.8.0
4.3
CVSSv2
CVE-2021-2341
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerabi...
Oracle Openjdk 8
Oracle Openjdk 11.0.11
Oracle Graalvm 20.3.2
Oracle Graalvm 21.1.0
Oracle Openjdk 16.0.1
Oracle Openjdk 7
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
2 Github repositories
10
CVSSv2
CVE-2009-1896
The Java Web Start framework in IcedTea in OpenJDK prior to 1.6.0.0-20.b16.fc10 on Fedora 10, and prior to 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent malicious users to execut...
Sun Openjdk
5
CVSSv2
CVE-2009-0794
Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote malicious users to cause a denial of service (applet crash) via a crafted Pul...
Sun Openjdk 1.6.0.0
10
CVSSv2
CVE-2014-0462
Unspecified vulnerability in OpenJDK 6 prior to 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405.
Oracle Openjdk 1.6.0
10
CVSSv2
CVE-2014-8873
A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type registration that is added to /etc/mailcap by mime-support, which allows remote malicious users to execute arbitrary code via a JAR file.
Oracle Openjdk 1.7.0
10
CVSSv2
CVE-2014-2405
Unspecified vulnerability in OpenJDK 6 prior to 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462.
Oracle Openjdk 1.6.0
10
CVSSv2
CVE-2009-2689
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent malicious users to bypass intended access restrictions via an untrusted (1) applet o...
Sun Java Se
Sun Openjdk
5
CVSSv2
CVE-2009-2690
The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent malicious users to obtain sensitive information via an untrusted (1) applet or (2) application.
Sun Openjdk
Sun Java Se