Product:

Jdk

(Oracle)
Repositories https://github.com/madler/zlib
https://github.com/glennrp/libpng
#Vulnerabilities 708
Date Id Summary Products Score Patch Annotated
2022-10-18 CVE-2022-21618 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete... Fedora, 7\-Mode_transition_tool, Cloud_insights_acquisition_unit, Cloud_secure_agent, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Santricity_storage_plugin, Graalvm, Jdk, Jre 5.3
2022-10-18 CVE-2022-21619 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this... Fedora, 7\-Mode_transition_tool, Cloud_insights_acquisition_unit, Cloud_secure_agent, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Santricity_storage_plugin, Santricity_web_services_proxy, Graalvm, Jdk, Jre 3.7
2022-10-18 CVE-2022-21624 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability... Fedora, 7\-Mode_transition_tool, Cloud_insights_acquisition_unit, Cloud_secure_agent, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Santricity_storage_plugin, Santricity_web_services_proxy, Graalvm, Jdk, Jre 3.7
2022-10-18 CVE-2022-21626 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized... Fedora, 7\-Mode_transition_tool, Cloud_insights_acquisition_unit, Cloud_secure_agent, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Santricity_storage_plugin, Santricity_web_services_proxy, Graalvm, Jdk, Jre 5.3
2022-10-18 CVE-2022-21628 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this... Fedora, 7\-Mode_transition_tool, Cloud_insights_acquisition_unit, Cloud_secure_agent, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Santricity_storage_plugin, Santricity_web_services_proxy, Graalvm, Jdk, Jre 5.3
2022-10-18 CVE-2022-39399 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized... Fedora, 7\-Mode_transition_tool, Cloud_insights_acquisition_unit, Cloud_secure_agent, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Santricity_storage_plugin, Santricity_web_services_proxy, Graalvm, Jdk, Jre 3.7
2020-04-15 CVE-2020-2801 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. Note: The patch for this issue will address the vulnerability only if the WLS... Jdk, Weblogic_server 9.8
2022-07-19 CVE-2022-34169 The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. Xalan\-Java, Zulu, Debian_linux, Fedora, 7\-Mode_transition_tool, Active_iq_unified_manager, Cloud_insights_acquisition_unit, Cloud_secure_agent, Hci_compute_node, Hci_management_node, Oncommand_insight, Solidfire, Graalvm, Jdk, Jre, Openjdk 7.5
2019-10-16 CVE-2019-2988 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE... Ubuntu_linux, Debian_linux, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, E\-Series_santricity_web_services_proxy, Oncommand_workflow_automation, Snapmanager, Leap, Jdk, Jre, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite 3.7
2019-10-16 CVE-2019-2992 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE... Ubuntu_linux, Debian_linux, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, E\-Series_santricity_web_services_proxy, Oncommand_workflow_automation, Snapmanager, Leap, Jdk, Jre, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite 3.7