Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openjdk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2475
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent malicious users to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefine...
Sun Java Se
Sun Openjdk
NA
CVE-2009-2476
The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent malicious users to bypass intended access restrictions by leveraging finalizer resurrection to obtain a re...
Sun Openjdk
Sun Java Se
NA
CVE-2009-0793
cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transform...
Sun Openjdk 6
Littlecms Lcms 1.18
NA
CVE-2012-5373
Oracle Java SE 7 and previous versions, and OpenJDK 7 and previous versions, computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via cra...
Oracle Jdk
Oracle Openjdk
Oracle Jre
NA
CVE-2013-0431
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote malicious users to bypass the Java security sandbox via unspecified vectors related to JMX, aka "Issue 52," a diff...
Oracle Jre 1.7.0
Oracle Openjdk 7
1 EDB exploit
1 Github repository
2 Articles
NA
CVE-2009-3728
Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote malicious users to determine the existence of local International Color Consortium (ICC...
Sun Jre 1.5.0
Sun Jre 1.6.0
Sun Openjdk
4.8
CVSSv3
CVE-2020-2593
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with ne...
Oracle Jdk 1.7.0
Oracle Jdk 1.8.0
Oracle Jdk 11.0.5
Oracle Jdk 13.0.1
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Oracle Jre 11.0.5
Oracle Jre 13.0.1
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Eus 7.7
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Oracle Openjdk 7
Oracle Openjdk 8
Oracle Openjdk 11
6.8
CVSSv3
CVE-2020-2601
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with netw...
Oracle Jdk 1.7.0
Oracle Jdk 1.8.0
Oracle Jdk 11.0.5
Oracle Jdk 13.0.1
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Oracle Jre 11.0.5
Oracle Jre 13.0.1
Oracle Openjdk 7
Oracle Openjdk 8
Oracle Openjdk 11
Oracle Openjdk 11.0.1
Oracle Openjdk 11.0.2
Oracle Openjdk 11.0.3
Oracle Openjdk 11.0.4
Oracle Openjdk 11.0.5
Oracle Openjdk 13
Oracle Openjdk 13.0.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
3.7
CVSSv3
CVE-2020-2654
Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compr...
Oracle Jdk 1.7.0
Oracle Jdk 1.8.0
Oracle Jdk 11.0.5
Oracle Jdk 13.0.1
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Oracle Jre 11.0.5
Oracle Jre 13.0.1
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Eus 7.7
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Oracle Openjdk 7
Oracle Openjdk 8
Oracle Openjdk 11
3.7
CVSSv3
CVE-2020-2590
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with netw...
Oracle Jdk 1.7.0
Oracle Jdk 1.8.0
Oracle Jdk 11.0.5
Oracle Jdk 13.0.1
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Oracle Jre 11.0.5
Oracle Jre 13.0.1
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Eus 7.7
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Tus 7.7
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Oracle Openjdk 7
Oracle Openjdk 8
Oracle Openjdk 11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »