Skip to main content

Java

3274 CVEs product

Monthly

CVE-2013-1927 MEDIUM This Month

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR.". Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Java RCE Icedtea Web Ubuntu Linux Opensuse
NVD
CVSS 2.0
6.8
EPSS
2.5%
CVE-2012-6092 Maven MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Apache Java XSS Activemq
NVD
CVSS 2.0
4.3
EPSS
2.6%
CVE-2013-2440 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
6.5%
CVE-2013-2439 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier. Rated medium severity (CVSS 6.9). No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2013-2438 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2013-2436 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
9.3
EPSS
6.1%
CVE-2013-2435 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
6.5%
CVE-2013-2434 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
10.0
EPSS
1.5%
CVE-2013-2433 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
4.3
EPSS
2.7%
CVE-2013-2432 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
10.0
EPSS
6.0%
CVE-2013-2431 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 16.1% and no vendor patch available.

Java Oracle Authentication Bypass Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
16.1%
CVE-2013-2430 HIGH This Week

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier;. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
7.6
EPSS
7.3%
CVE-2013-2429 HIGH Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. Epss exploitation probability 10.7% and no vendor patch available.

Buffer Overflow Java Oracle Jre Jdk
NVD
CVSS 2.0
7.6
EPSS
10.7%
CVE-2013-2428 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
10.0
EPSS
1.6%
CVE-2013-2427 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
10.0
EPSS
2.8%
CVE-2013-2426 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 25.4% and no vendor patch available.

Java Oracle Authentication Bypass Jre Jdk
NVD
CVSS 2.0
9.3
EPSS
25.4%
CVE-2013-2425 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
1.6%
CVE-2013-2424 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
3.9%
CVE-2013-2423 LOW POC KEV PATCH THREAT Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Actively exploited in the wild (cisa kev) and public exploit code available.

Java Oracle Authentication Bypass
NVD Exploit-DB VulDB
CVSS 3.1
3.7
EPSS
93.4%
Threat
6.5
CVE-2013-2422 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.5% and no vendor patch available.

Java Oracle Authentication Bypass Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
15.5%
CVE-2013-2421 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 25.4% and no vendor patch available.

Java Oracle Authentication Bypass Jre Jdk
NVD
CVSS 2.0
9.3
EPSS
25.4%
CVE-2013-2420 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
6.3%
CVE-2013-2419 MEDIUM POC THREAT This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.8%.

Java Oracle Information Disclosure Jre Jdk
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
12.8%
CVE-2013-2418 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality,. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2013-2417 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
4.9%
CVE-2013-2416 MEDIUM POC THREAT This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 37.6%.

Java Oracle Information Disclosure Jre Jdk
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
37.6%
CVE-2013-2415 LOW Monitor

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-2414 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
10.0
EPSS
2.8%
CVE-2013-2394 HIGH This Week

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
7.6
EPSS
6.1%
CVE-2013-2384 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
5.6%
CVE-2013-2383 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
5.6%
CVE-2013-1569 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
1.5%
CVE-2013-1564 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect integrity via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2013-1563 HIGH This Week

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
7.6
EPSS
3.9%
CVE-2013-1561 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2013-1558 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
5.4%
CVE-2013-1557 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
8.3%
CVE-2013-1540 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
4.3
EPSS
5.8%
CVE-2013-1537 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.2% and no vendor patch available.

Java Oracle RCE Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
10.2%
CVE-2013-1518 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
6.8%
CVE-2013-2441 MEDIUM This Month

Unspecified vulnerability in the Agile EDM component in Oracle Supply Chain Products Suite 6.1.1.0, 6.1.2.0, and 6.1.2.2 allows remote authenticated users to affect integrity via unknown vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Supply Chain Products Suite
NVD
CVSS 2.0
4.0
EPSS
0.1%
CVE-2013-0935 CRITICAL Act Now

EMC Smarts Network Configuration Manager (NCM) before 9.2 does not require authentication for all Java RMI method calls, which allows remote attackers to execute arbitrary code via unspecified. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

RCE Java Authentication Bypass Smarts Network Configuration Manager
NVD
CVSS 2.0
9.3
EPSS
1.8%
CVE-2013-0487 HIGH This Week

The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM Java Authentication Bypass Lotus Domino
NVD
CVSS 2.0
8.5
EPSS
0.6%
CVE-2013-0967 MEDIUM This Month

CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the list of safe file types, which allows remote attackers to bypass a Java plug-in disabled setting, and trigger the launch of Java. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Apple Authentication Bypass Mac Os X Mac Os X Server
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-1491 CRITICAL Act Now

The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.6% and no vendor patch available.

Code Injection Java Oracle RCE Jdk +1
NVD
CVSS 2.0
10.0
EPSS
19.6%
CVE-2013-1488 CRITICAL POC THREAT Emergency

The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 86.3%.

Code Injection Java Oracle RCE Jdk +1
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
86.3%
Threat
6.1
CVE-2013-0402 CRITICAL Act Now

Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Java Oracle RCE Javafx +2
NVD
CVSS 2.0
10.0
EPSS
5.1%
CVE-2013-0401 CRITICAL Act Now

The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.1% and no vendor patch available.

Code Injection Java Oracle RCE Jdk +1
NVD
CVSS 2.0
10.0
EPSS
10.1%
CVE-2013-1493 CRITICAL POC THREAT Emergency

The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 93.0%.

Java Denial Of Service Buffer Overflow Oracle RCE +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
93.0%
Threat
6.3
CVE-2013-0809 CRITICAL Act Now

Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle RCE Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
8.2%
CVE-2012-4858 CRITICAL Act Now

IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 does not properly validate Java serialized input, which allows remote attackers to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Information Disclosure IBM Cognos Business Intelligence
NVD
CVSS 2.0
9.3
EPSS
2.0%
CVE-2013-1487 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
3.1%
CVE-2013-1486 CRITICAL PATCH Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
1.2%
CVE-2013-1485 MEDIUM PATCH This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2013-1484 CRITICAL PATCH Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
0.9%
CVE-2013-1624 Maven MEDIUM PATCH This Month

The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable.

Java Information Disclosure Bc Java Legion Of The Bouncy Castle C Cryptography Api
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2013-1483 CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Javafx
NVD
CVSS 2.0
10.0
EPSS
1.3%
CVE-2013-1482 CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Javafx
NVD
CVSS 2.0
10.0
EPSS
1.3%
CVE-2013-1481 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
7.2%
CVE-2013-1480 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Java Oracle Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
1.3%
CVE-2013-1479 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and JavaFX 2.2.4 and earlier allows remote attackers to affect. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
10.0
EPSS
2.0%
CVE-2013-1478 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Java Oracle Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
1.1%
CVE-2013-1477 CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Javafx
NVD
CVSS 2.0
10.0
EPSS
1.2%
CVE-2013-1476 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Authentication Bypass Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
1.3%
CVE-2013-1475 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
1.0%
CVE-2013-1474 CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Javafx
NVD
CVSS 2.0
9.3
EPSS
1.2%
CVE-2013-1473 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect integrity via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
2.8%
CVE-2013-1472 CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Javafx
NVD
CVSS 2.0
10.0
EPSS
1.3%
CVE-2013-0450 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
1.2%
CVE-2013-0449 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect confidentiality via unknown vectors related to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-0448 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect integrity via unknown vectors related to Libraries. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
1.0%
CVE-2013-0447 CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Javafx
NVD
CVSS 2.0
10.0
EPSS
1.5%
CVE-2013-0446 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
8.5%
CVE-2013-0445 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Authentication Bypass Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
1.6%
CVE-2013-0444 HIGH This Week

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
7.6
EPSS
8.0%
CVE-2013-0443 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2013-0442 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Authentication Bypass Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
1.6%
CVE-2013-0441 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Authentication Bypass Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
1.6%
CVE-2013-0440 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
0.9%
CVE-2013-0439 CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Javafx
NVD
CVSS 2.0
10.0
EPSS
1.5%
CVE-2013-0438 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality via unknown. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
4.3
EPSS
3.1%
CVE-2013-0437 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk +1
NVD
CVSS 2.0
10.0
EPSS
1.5%
CVE-2013-0436 CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Javafx
NVD
CVSS 2.0
10.0
EPSS
1.5%
CVE-2013-0435 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2013-0434 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-0433 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Java Oracle Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2013-0432 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
6.4
EPSS
0.8%
CVE-2013-0430 MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, allows local users to affect confidentiality, integrity, and. Rated medium severity (CVSS 6.9). No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
6.9
EPSS
0.2%
CVE-2013-0429 HIGH This Week

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Authentication Bypass Jre Jdk
NVD
CVSS 2.0
7.6
EPSS
0.8%
CVE-2013-0428 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
1.2%
EPSS 2% CVSS 6.8
MEDIUM This Month

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR.". Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Java RCE Icedtea Web +2
NVD
EPSS 3% CVSS 4.3
MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Apache Java XSS +1
NVD
EPSS 7% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier. Rated medium severity (CVSS 6.9). No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 6% CVSS 9.3
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 7% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 3% CVSS 4.3
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 6% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 16% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 16.1% and no vendor patch available.

Java Oracle Authentication Bypass +2
NVD
EPSS 7% CVSS 7.6
HIGH This Week

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier;. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 11% CVSS 7.6
HIGH Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. Epss exploitation probability 10.7% and no vendor patch available.

Buffer Overflow Java Oracle +2
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 25% CVSS 9.3
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 25.4% and no vendor patch available.

Java Oracle Authentication Bypass +2
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 4% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 93% 6.5 CVSS 3.7
LOW POC KEV PATCH THREAT Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Actively exploited in the wild (cisa kev) and public exploit code available.

Java Oracle Authentication Bypass
NVD Exploit-DB VulDB
EPSS 15% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.5% and no vendor patch available.

Java Oracle Authentication Bypass +2
NVD
EPSS 25% CVSS 9.3
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 25.4% and no vendor patch available.

Java Oracle Authentication Bypass +2
NVD
EPSS 6% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 13% CVSS 5.0
MEDIUM POC THREAT This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.8%.

Java Oracle Information Disclosure +2
NVD Exploit-DB
EPSS 0% CVSS 4.6
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality,. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 5% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 38% CVSS 4.3
MEDIUM POC THREAT This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 37.6%.

Java Oracle Information Disclosure +2
NVD Exploit-DB
EPSS 0% CVSS 2.1
LOW Monitor

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 6% CVSS 7.6
HIGH This Week

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 6% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 6% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect integrity via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 4% CVSS 7.6
HIGH This Week

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 5% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 8% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 6% CVSS 4.3
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 10% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.2% and no vendor patch available.

Java Oracle RCE +2
NVD
EPSS 7% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7;. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Unspecified vulnerability in the Agile EDM component in Oracle Supply Chain Products Suite 6.1.1.0, 6.1.2.0, and 6.1.2.2 allows remote authenticated users to affect integrity via unknown vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +1
NVD
EPSS 2% CVSS 9.3
CRITICAL Act Now

EMC Smarts Network Configuration Manager (NCM) before 9.2 does not require authentication for all Java RMI method calls, which allows remote attackers to execute arbitrary code via unspecified. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

RCE Java Authentication Bypass +1
NVD
EPSS 1% CVSS 8.5
HIGH This Week

The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM Java Authentication Bypass +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the list of safe file types, which allows remote attackers to bypass a Java plug-in disabled setting, and trigger the launch of Java. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Apple Authentication Bypass +2
NVD
EPSS 20% CVSS 10.0
CRITICAL Act Now

The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.6% and no vendor patch available.

Code Injection Java Oracle +3
NVD
EPSS 86% 6.1 CVSS 10.0
CRITICAL POC THREAT Emergency

The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 86.3%.

Code Injection Java Oracle +3
NVD Exploit-DB
EPSS 5% CVSS 10.0
CRITICAL Act Now

Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Java Oracle +4
NVD
EPSS 10% CVSS 10.0
CRITICAL Act Now

The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.1% and no vendor patch available.

Code Injection Java Oracle +3
NVD
EPSS 93% 6.3 CVSS 10.0
CRITICAL POC THREAT Emergency

The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 93.0%.

Java Denial Of Service Buffer Overflow +4
NVD Exploit-DB
EPSS 8% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle RCE +2
NVD
EPSS 2% CVSS 9.3
CRITICAL Act Now

IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 does not properly validate Java serialized input, which allows remote attackers to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Information Disclosure IBM +1
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 10.0
CRITICAL PATCH Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 10.0
CRITICAL PATCH Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Information Disclosure +2
NVD
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable.

Java Information Disclosure Bc Java +1
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +1
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +1
NVD
EPSS 7% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Java Oracle +2
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and JavaFX 2.2.4 and earlier allows remote attackers to affect. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Java Oracle +2
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +1
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Authentication Bypass +2
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure +1
NVD
EPSS 3% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect integrity via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +1
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect confidentiality via unknown vectors related to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect integrity via unknown vectors related to Libraries. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +1
NVD
EPSS 9% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Authentication Bypass +2
NVD
EPSS 8% CVSS 7.6
HIGH This Week

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Authentication Bypass +2
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Authentication Bypass +2
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +1
NVD
EPSS 3% CVSS 4.3
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality via unknown. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +3
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +1
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Java Oracle +2
NVD
EPSS 1% CVSS 6.4
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, allows local users to affect confidentiality, integrity, and. Rated medium severity (CVSS 6.9). No vendor patch available.

Java Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 7.6
HIGH This Week

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Authentication Bypass +2
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure +2
NVD
Prev Page 35 of 37 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy