Skip to main content

Vasa Provider For Clustered Data Ontap

66 CVEs product

Monthly

CVE-2021-28165 Maven HIGH POC PATCH THREAT This Week

In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Jetty Autovue For Agile Product Lifecycle Management Communications Cloud Native Core Policy Communications Element Manager +17
NVD GitHub
CVSS 3.1
7.5
EPSS
53.9%
CVE-2021-28164 Maven MEDIUM POC PATCH THREAT This Month

In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Jetty Cloud Manager E Series Performance Analyzer E Series Santricity Os Controller +13
NVD GitHub Exploit-DB
CVSS 3.1
5.3
EPSS
82.4%
CVE-2021-28163 Maven LOW POC PATCH Monitor

In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Jetty Fedora Ignite Solr +19
NVD GitHub
CVSS 3.1
2.7
EPSS
4.2%
CVE-2020-13954 Maven MEDIUM PATCH This Month

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Apache Cxf Snap Creator Framework Vasa Provider For Clustered Data Ontap +3
NVD
CVSS 3.1
6.1
EPSS
43.0%
CVE-2020-11868 HIGH PATCH This Week

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ntp Enterprise Linux Data Ontap Hci Management Node +13
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2019-11815 HIGH POC PATCH This Week

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Linux Information Disclosure Linux Kernel Ubuntu Linux +12
NVD GitHub
CVSS 3.1
8.1
EPSS
4.5%
CVE-2019-3900 HIGH PATCH This Week

An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Linux Linux Kernel Fedora Enterprise Linux +11
NVD
CVSS 3.1
7.7
EPSS
4.4%
CVE-2019-3882 MEDIUM PATCH This Month

A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Linux Linux Kernel Fedora Debian Linux +10
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2019-11486 HIGH PATCH This Week

The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions. Rated high severity (CVSS 7.0).

Race Condition Linux Siemens Information Disclosure Linux Kernel +9
NVD GitHub
CVSS 3.1
7.0
EPSS
0.4%
CVE-2019-10247 Maven MEDIUM PATCH This Month

In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Jetty Oncommand System Manager Snap Creator Framework Snapcenter +22
NVD
CVSS 3.1
5.3
EPSS
5.8%
CVE-2019-10246 Maven MEDIUM PATCH This Month

In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Jetty Oncommand System Manager Snap Creator Framework +22
NVD
CVSS 3.1
5.3
EPSS
4.0%
CVE-2019-3901 MEDIUM PATCH This Month

A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. Rated medium severity (CVSS 4.7).

Information Disclosure Linux Kernel Debian Linux Active Iq Unified Manager For Vmware Vsphere Hci Management Node +6
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2018-2973 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre +18
NVD
CVSS 3.1
5.9
EPSS
4.7%
CVE-2018-2964 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure Jdk Jre +13
NVD
CVSS 3.1
8.3
EPSS
2.8%
CVE-2018-2952 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Denial Of Service Jdk Jre +24
NVD
CVSS 3.1
3.7
EPSS
4.2%
CVE-2018-2942 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Microsoft Information Disclosure Jdk +14
NVD
CVSS 3.1
8.3
EPSS
1.8%
CVE-2018-2941 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure Jdk Jre +13
NVD
CVSS 3.1
8.3
EPSS
2.2%
CVE-2018-2940 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Authentication Bypass Jdk Jre +18
NVD
CVSS 3.1
4.3
EPSS
3.1%
CVE-2018-2938 CRITICAL PATCH Act Now

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure Jdk Jre +13
NVD
CVSS 3.1
9.0
EPSS
1.9%
CVE-2018-2638 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure Jdk Jre +22
NVD
CVSS 3.1
8.3
EPSS
3.3%
CVE-2018-2627 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Rated high severity (CVSS 7.5).

Java Oracle Microsoft Information Disclosure Jdk +19
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2018-2581 MEDIUM PATCH This Month

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Authentication Bypass Jdk Jre +18
NVD
CVSS 3.1
4.7
EPSS
2.5%
CVE-2017-10388 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle Jdk Jre +27
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2017-10357 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +27
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2017-10356 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +27
NVD
CVSS 3.1
6.2
EPSS
0.7%
CVE-2017-10355 MEDIUM POC PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Java Oracle Jdk Jre +28
NVD Exploit-DB
CVSS 3.1
5.3
EPSS
6.3%
CVE-2017-10350 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +27
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2017-10349 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +27
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2017-10348 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +27
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2017-10347 MEDIUM PATCH This Month

Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +27
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2017-10346 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +27
NVD
CVSS 3.1
9.6
EPSS
0.6%
CVE-2017-10345 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Java Oracle Jdk Jre +28
NVD
CVSS 3.1
3.1
EPSS
0.8%
CVE-2017-10309 HIGH POC PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Java Oracle Jdk Jre +24
NVD Exploit-DB
CVSS 3.1
7.1
EPSS
1.8%
CVE-2017-10295 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +28
NVD
CVSS 3.1
4.0
EPSS
0.4%
CVE-2017-10293 MEDIUM PATCH This Month

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +19
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2017-10285 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +27
NVD
CVSS 3.1
9.6
EPSS
0.6%
CVE-2017-10281 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +28
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2017-10274 MEDIUM PATCH This Month

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +26
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2017-10243 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +25
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2017-10198 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +25
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2017-10193 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +23
NVD
CVSS 3.1
3.1
EPSS
0.3%
CVE-2017-10176 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +19
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2017-10135 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +25
NVD
CVSS 3.1
5.9
EPSS
0.2%
CVE-2017-10125 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

Information Disclosure Java Oracle Jdk Jre +16
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2017-10118 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +19
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2017-10116 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle Jdk Jre +26
NVD
CVSS 3.1
8.3
EPSS
1.7%
CVE-2017-10115 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +26
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2017-10114 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle Jdk Jre +17
NVD
CVSS 3.1
8.3
EPSS
0.9%
CVE-2017-10111 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +23
NVD
CVSS 3.1
9.6
EPSS
0.6%
CVE-2017-10110 CRITICAL PATCH Act Now

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +24
NVD
CVSS 3.1
9.6
EPSS
0.3%
CVE-2017-10109 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +25
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2017-10108 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +26
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2017-10107 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +24
NVD
CVSS 3.1
9.6
EPSS
0.3%
CVE-2017-10105 MEDIUM PATCH This Month

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +21
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2017-10102 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle Jdk Jre +25
NVD
CVSS 3.1
9.0
EPSS
0.4%
CVE-2017-10101 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +24
NVD
CVSS 3.1
9.6
EPSS
0.3%
CVE-2017-10096 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +24
NVD
CVSS 3.1
9.6
EPSS
0.3%
CVE-2017-10090 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +23
NVD
CVSS 3.1
9.6
EPSS
0.3%
CVE-2017-10089 CRITICAL PATCH Act Now

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +24
NVD
CVSS 3.1
9.6
EPSS
0.3%
CVE-2017-10087 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +24
NVD
CVSS 3.1
9.6
EPSS
0.3%
CVE-2017-10086 CRITICAL PATCH Act Now

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +17
NVD
CVSS 3.1
9.6
EPSS
0.6%
CVE-2017-10081 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +17
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2017-10078 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +25
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2017-10074 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle Jdk Jre +23
NVD
CVSS 3.1
8.3
EPSS
1.0%
CVE-2017-10067 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle Jdk Jre +24
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2016-9841 CRITICAL Act Now

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.5% and no vendor patch available.

Information Disclosure Zlib Leap Opensuse Debian Linux +35
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
13.5%
EPSS 54% CVSS 7.5
HIGH POC PATCH THREAT This Week

In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Jetty Autovue For Agile Product Lifecycle Management +19
NVD GitHub
EPSS 82% CVSS 5.3
MEDIUM POC PATCH THREAT This Month

In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Jetty Cloud Manager +15
NVD GitHub Exploit-DB
EPSS 4% CVSS 2.7
LOW POC PATCH Monitor

In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Jetty Fedora +21
NVD GitHub
EPSS 43% CVSS 6.1
MEDIUM PATCH This Month

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Apache Cxf +5
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ntp Enterprise Linux +15
NVD
EPSS 4% CVSS 8.1
HIGH POC PATCH This Week

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Linux Information Disclosure +14
NVD GitHub
EPSS 4% CVSS 7.7
HIGH PATCH This Week

An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Linux Linux Kernel +13
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Linux Linux Kernel +12
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions. Rated high severity (CVSS 7.0).

Race Condition Linux Siemens +11
NVD GitHub
EPSS 6% CVSS 5.3
MEDIUM PATCH This Month

In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Jetty Oncommand System Manager +24
NVD
EPSS 4% CVSS 5.3
MEDIUM PATCH This Month

In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Jetty +24
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. Rated medium severity (CVSS 4.7).

Information Disclosure Linux Kernel Debian Linux +8
NVD
EPSS 5% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass +20
NVD
EPSS 3% CVSS 8.3
HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure +15
NVD
EPSS 4% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Denial Of Service +26
NVD
EPSS 2% CVSS 8.3
HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Microsoft +16
NVD
EPSS 2% CVSS 8.3
HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure +15
NVD
EPSS 3% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Authentication Bypass +20
NVD
EPSS 2% CVSS 9.0
CRITICAL PATCH Act Now

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure +15
NVD
EPSS 3% CVSS 8.3
HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure +24
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Rated high severity (CVSS 7.5).

Java Oracle Microsoft +21
NVD
EPSS 3% CVSS 4.7
MEDIUM PATCH This Month

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Authentication Bypass +20
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle +29
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle +29
NVD
EPSS 1% CVSS 6.2
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Java Oracle +29
NVD
EPSS 6% CVSS 5.3
MEDIUM POC PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Java Oracle +30
NVD Exploit-DB
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle +29
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle +29
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle +29
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle +29
NVD
EPSS 1% CVSS 9.6
CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle +29
NVD
EPSS 1% CVSS 3.1
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Java Oracle +30
NVD
EPSS 2% CVSS 7.1
HIGH POC PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Java Oracle +26
NVD Exploit-DB
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +30
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle +21
NVD
EPSS 1% CVSS 9.6
CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle +29
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle +30
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +28
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle +27
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +27
NVD
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +25
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle +21
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +27
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

Information Disclosure Java Oracle +18
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle +21
NVD
EPSS 2% CVSS 8.3
HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle +28
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle +28
NVD
EPSS 1% CVSS 8.3
HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle +19
NVD
EPSS 1% CVSS 9.6
CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle +25
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle +26
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle +27
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle +28
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle +26
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle +23
NVD
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle +27
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle +26
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle +26
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle +25
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle +26
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle +26
NVD
EPSS 1% CVSS 9.6
CRITICAL PATCH Act Now

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle +19
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle +19
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Java Oracle +27
NVD
EPSS 1% CVSS 8.3
HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle +25
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle +26
NVD
EPSS 13% CVSS 9.8
CRITICAL Act Now

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.5% and no vendor patch available.

Information Disclosure Zlib Leap +37
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy