Search Results (4046 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-0411 2 Oracle, Redhat 7 Jdk, Jre, Jrockit and 4 more 2025-04-11 N/A
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.
CVE-2014-0428 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux and 3 more 2025-04-11 N/A
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
CVE-2014-0491 5 Adobe, Apple, Linux and 2 more 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more 2025-04-11 N/A
Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to bypass unspecified protection mechanisms via unknown vectors.
CVE-2014-0492 5 Adobe, Apple, Linux and 2 more 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more 2025-04-11 N/A
Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to defeat the ASLR protection mechanism by leveraging an "address leak."
CVE-2011-3387 2 Ibm, Redhat 3 Java, Rhel Extras, Rhel Extras Sap 2025-04-11 N/A
The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311.
CVE-2011-3389 9 Canonical, Debian, Google and 6 more 21 Ubuntu Linux, Debian Linux, Chrome and 18 more 2025-04-11 N/A
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
CVE-2011-3545 3 Oracle, Redhat, Sun 6 Jrockit, Network Satellite, Rhel Extras and 3 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
CVE-2011-3549 2 Redhat, Sun 5 Network Satellite, Rhel Extras, Rhel Extras Sap and 2 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
CVE-2011-3550 2 Redhat, Sun 4 Network Satellite, Rhel Extras, Jdk and 1 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT.
CVE-2011-3551 3 Oracle, Redhat, Sun 6 Jrockit, Enterprise Linux, Network Satellite and 3 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
CVE-2011-3552 2 Redhat, Sun 6 Enterprise Linux, Network Satellite, Rhel Extras and 3 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote attackers to affect integrity via unknown vectors related to Networking.
CVE-2011-3553 3 Oracle, Redhat, Sun 6 Jrockit, Enterprise Linux, Network Satellite and 3 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote authenticated users to affect confidentiality, related to JAXWS.
CVE-2011-3554 2 Redhat, Sun 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2011-3556 3 Oracle, Redhat, Sun 7 Jrockit, Enterprise Linux, Network Satellite and 4 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557.
CVE-2011-3557 3 Oracle, Redhat, Sun 7 Jrockit, Enterprise Linux, Network Satellite and 4 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3556.
CVE-2011-3558 2 Redhat, Sun 4 Enterprise Linux, Rhel Extras, Jdk and 1 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to HotSpot.
CVE-2011-5035 2 Oracle, Redhat 4 Glassfish Server, Enterprise Linux, Network Satellite and 1 more 2025-04-11 N/A
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
CVE-2011-4369 5 Adobe, Apple, Microsoft and 2 more 6 Acrobat, Acrobat Reader, Mac Os X and 3 more 2025-04-11 N/A
Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
CVE-2011-4370 4 Adobe, Apple, Microsoft and 1 more 5 Acrobat, Reader, Macos and 2 more 2025-04-11 N/A
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373.
CVE-2011-4371 4 Adobe, Apple, Microsoft and 1 more 5 Acrobat, Reader, Macos and 2 more 2025-04-11 N/A
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.