Total
426 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3583 | 1 Sun | 2 Jre, Sdk | 2016-10-18 | 7.8 HIGH | N/A |
| (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss. | |||||
| CVE-2003-0896 | 1 Sun | 1 Jre | 2016-10-18 | 7.5 HIGH | N/A |
| The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method. | |||||
| CVE-2010-0079 | 2 Oracle, Sun | 3 Bea Product Suite, Jdk, Jre | 2012-10-23 | 10.0 HIGH | N/A |
| Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps CVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871, CVE-2009-3872, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, and CVE-2009-3877. | |||||
| CVE-2009-1006 | 2 Oracle, Sun | 4 Jrockit, Jdk, Jre and 1 more | 2012-10-23 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2002-2072 | 1 Sun | 1 Jre | 2008-09-05 | 5.0 MEDIUM | N/A |
| java.security.AccessController in Sun Java Virtual Machine (JVM) in JRE 1.2.2 and 1.3.1 allows remote attackers to cause a denial of service (JVM crash) via a Java program that calls the doPrivileged method with a null argument. | |||||
| CVE-2001-1008 | 1 Sun | 2 Java Plug-in, Jre | 2008-09-05 | 7.5 HIGH | N/A |
| Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate. | |||||