| CVE-2011-3550 |
high |
— |
7.6 |
|
|
sun |
15y ago |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java app… |
| CVE-2011-3547 |
medium |
— |
5.0 |
|
|
oraclesun |
15y ago |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrust… |
| CVE-2011-3546 |
medium |
— |
5.8 |
|
|
oraclesun |
15y ago |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote untrusted Java Web Start applications and un… |
| CVE-2011-3516 |
high |
— |
7.6 |
|
|
sun |
15y ago |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, when running on Windows, allows remote untrusted Java Web Start applications… |
| CVE-2011-0872 |
medium |
— |
5.0 |
|
|
sun |
15y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. |
| CVE-2011-0869 |
medium |
— |
5.0 |
|
|
sun |
15y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to a… |
| CVE-2011-0868 |
medium |
— |
5.0 |
|
|
sun |
15y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. |
| CVE-2011-0867 |
medium |
— |
5.0 |
|
|
sun |
15y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java W… |
| CVE-2011-0866 |
high |
— |
7.6 |
|
|
sun |
15y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allo… |
| CVE-2011-0788 |
high |
— |
7.6 |
|
|
sun |
15y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and u… |
| CVE-2011-0786 |
high |
— |
7.6 |
|
|
sun |
15y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and u… |
| CVE-2011-0706 |
high |
— |
7.5 |
|
|
redhatsun |
16y ago |
The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the… |
| CVE-2010-4476 |
medium |
— |
6.0 |
EXP |
|
sun |
16y ago |
Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment |
| CVE-2010-4475 |
medium |
— |
4.3 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untr… |
| CVE-2010-4471 |
medium |
— |
5.0 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start a… |
| CVE-2010-4470 |
medium |
— |
5.0 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vector… |
| CVE-2010-4468 |
medium |
— |
4.0 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier, allows remote untrusted Java Web Start … |
| CVE-2010-4466 |
medium |
— |
5.0 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, Solaris, and, Linux; 5.0 Update 27 and earlier for Windows… |
| CVE-2010-4451 |
high |
— |
7.6 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, when using Java Update, allows remote attackers to affect … |
| CVE-2010-4447 |
medium |
— |
4.3 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untr… |
| CVE-2010-4422 |
high |
— |
7.6 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect confidentiality, integrity, and avail… |
| CVE-2010-4351 |
medium |
— |
6.8 |
|
|
redhatsun |
16y ago |
The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in … |
| CVE-2010-4456 |
medium |
— |
4.3 |
|
|
sun |
16y ago |
Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail. |
| CVE-2010-4444 |
medium |
— |
6.8 |
|
|
oraclesun |
16y ago |
Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
| CVE-2010-3573 |
medium |
— |
6.1 |
EXP |
|
sun |
16y ago |
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availabil… |
| CVE-2010-3570 |
high |
— |
7.6 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via un… |
| CVE-2010-3561 |
high |
— |
7.5 |
|
|
sun |
16y ago |
Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability v… |
| CVE-2010-3557 |
medium |
— |
6.8 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrit… |
| CVE-2010-3551 |
medium |
— |
5.0 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown ve… |
| CVE-2010-3549 |
medium |
— |
6.8 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, int… |
| CVE-2010-3548 |
medium |
— |
5.0 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affec… |
| CVE-2010-3541 |
medium |
— |
5.1 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, int… |
| CVE-2010-1227 |
medium |
— |
4.3 |
|
|
sun |
16y ago |
Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as de… |
| CVE-2010-0850 |
high |
— |
7.5 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
| CVE-2010-0849 |
high |
— |
7.5 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integr… |
| CVE-2010-0848 |
high |
— |
7.5 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integr… |
| CVE-2010-0847 |
high |
— |
7.5 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integr… |
| CVE-2010-0846 |
high |
— |
7.5 |
|
|
sun |
16y ago |
Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integr… |
| CVE-2010-0845 |
medium |
— |
5.1 |
|
|
sun |
16y ago |
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and av… |
| CVE-2010-0844 |
high |
— |
7.5 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrit… |
| CVE-2010-0843 |
high |
— |
7.5 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrit… |
| CVE-2010-0842 |
high |
— |
8.5 |
EXP |
|
sun |
16y ago |
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrit… |
| CVE-2010-0841 |
high |
— |
7.5 |
|
|
sun |
16y ago |
Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and a… |
| CVE-2010-0839 |
high |
— |
7.5 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrit… |
| CVE-2010-0838 |
high |
— |
8.5 |
EXP |
|
sun |
16y ago |
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availabil… |
| CVE-2010-0837 |
high |
— |
7.5 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availabil… |
| CVE-2010-0095 |
medium |
— |
6.8 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality,… |
| CVE-2010-0094 |
high |
— |
8.5 |
EXP |
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity,… |
| CVE-2010-0093 |
medium |
— |
5.1 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality,… |
| CVE-2010-0092 |
medium |
— |
5.1 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity… |
| CVE-2010-0091 |
medium |
— |
4.3 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality … |
| CVE-2010-0090 |
medium |
— |
5.8 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18 allows remote attackers to affect integrity and availability via unknown ve… |
| CVE-2010-0089 |
medium |
— |
5.0 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability… |
| CVE-2010-0088 |
medium |
— |
6.8 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confid… |
| CVE-2010-0087 |
high |
— |
7.5 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect co… |
| CVE-2010-0085 |
medium |
— |
5.1 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confid… |
| CVE-2010-0084 |
medium |
— |
5.0 |
|
|
sun |
16y ago |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality … |
| CVE-2010-0082 |
medium |
— |
5.1 |
|
|
sun |
16y ago |
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality,… |
| CVE-2010-0708 |
medium |
— |
5.0 |
|
|
sun |
17y ago |
Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enter… |
| CVE-2003-1590 |
medium |
— |
5.0 |
|
|
sun |
17y ago |
Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 6.0 SP3 through SP5 on Windows allows remote attackers to cause a denial of service (daemon crash) via unknown vectors. |
| CVE-2003-1589 |
medium |
— |
5.0 |
|
|
sun |
17y ago |
Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 4.1 before SP13 and 6.0 before SP6 on Windows allows attackers to cause a denial of service (daemon crash) via unknown vectors. |
| CVE-2003-1579 |
medium |
— |
4.3 |
|
|
sun |
17y ago |
Sun ONE (aka iPlanet) Web Server 6 on Windows, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP a… |
| CVE-2003-1578 |
medium |
— |
4.3 |
|
|
sun |
17y ago |
Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to hide HTTP requests from the log-preview funct… |
| CVE-2004-2766 |
medium |
— |
4.3 |
|
rhel |
sun |
17y ago |
Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02 allows remote attackers to obtain unspecified "access" to e-mail via a crafted e-mail message, related to a "… |
| CVE-2004-2765 |
medium |
— |
4.3 |
|
rhel |
sun |
17y ago |
Cross-site scripting (XSS) vulnerability in Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02, when Internet Explorer is used, allows remote attackers to injec… |
| CVE-2010-0389 |
medium |
— |
5.0 |
|
|
sun |
17y ago |
The admin server in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP request that lacks a method to… |
| CVE-2010-0388 |
high |
— |
8.5 |
EXP |
|
sun |
17y ago |
Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (daemon crash) and possibly have u… |
| CVE-2010-0387 |
high |
— |
8.5 |
EXP |
|
sun |
17y ago |
Multiple heap-based buffer overflows in (1) webservd and (2) the admin server in Sun Java System Web Server 7.0 Update 7 allow remote attackers to cause a denial of service (daemon crash) and possibl… |
| CVE-2010-0386 |
high |
8.1 |
8.1 |
|
|
sun |
17y ago |
The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credential… |
