cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2018-2629,https://securityvulnerability.io/vulnerability/CVE-2018-2629,,"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N).",Oracle,"Jrockit,Jdk,Jre",5.3,MEDIUM,0.0024999999441206455,false,false,false,false,,false,false,2018-01-18T02:00:00.000Z,0
CVE-2016-5547,https://securityvulnerability.io/vulnerability/CVE-2016-5547,,"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Availability impacts).",Oracle,"Java Se,Java Se Embedded,Jrockit",5.3,MEDIUM,0.00675999978557229,false,false,false,false,,false,false,2017-01-27T22:01:00.000Z,0
CVE-2016-5552,https://securityvulnerability.io/vulnerability/CVE-2016-5552,,"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Integrity impacts).",Oracle,"Java Se,Java Se Embedded,Jrockit",5.3,MEDIUM,0.004470000043511391,false,false,false,false,,false,false,2017-01-27T22:01:00.000Z,0
CVE-2017-3241,https://securityvulnerability.io/vulnerability/CVE-2017-3241,,"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts).",Oracle,"Java Se,Java Se Embedded,Jrockit",9,CRITICAL,0.07038000226020813,false,false,false,true,true,false,false,2017-01-27T22:01:00.000Z,0
CVE-2017-3252,https://securityvulnerability.io/vulnerability/CVE-2017-3252,,"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.8 (Integrity impacts).",Oracle,Java Javase:6u131;7u121;8u112;javaseembedded:8u111;jrockit:r28.3.12,5.8,MEDIUM,0.004490000195801258,false,false,false,false,,false,false,2017-01-27T22:01:00.000Z,0
CVE-2016-5546,https://securityvulnerability.io/vulnerability/CVE-2016-5546,,"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Integrity impacts).",Oracle,"Java Se,Java Se Embedded,Jrockit",7.5,HIGH,0.004360000137239695,false,false,false,false,,false,false,2017-01-27T22:01:00.000Z,0
CVE-2017-3253,https://securityvulnerability.io/vulnerability/CVE-2017-3253,,"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Availability impacts).",Oracle,"Java Se,Java Se Embedded,Jrockit",7.5,HIGH,0.004019999876618385,false,false,false,false,,false,false,2017-01-27T22:01:00.000Z,0
CVE-2016-3508,https://securityvulnerability.io/vulnerability/CVE-2016-3508,,"Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.",Oracle,"Jrockit,Jdk,Jre",5.3,MEDIUM,0.008390000090003014,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-3485,https://securityvulnerability.io/vulnerability/CVE-2016-3485,,"Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.",Oracle,"Jrockit,Jdk,Jre",2.9,LOW,0.0010999999940395355,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-0695,https://securityvulnerability.io/vulnerability/CVE-2016-0695,,"Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.",Oracle,"Jrockit,Jdk,Jre",5.9,MEDIUM,0.0047599999234080315,false,false,false,false,,false,false,2016-04-21T10:00:00.000Z,0
CVE-2016-3425,https://securityvulnerability.io/vulnerability/CVE-2016-3425,,"Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.",Oracle,"Jrockit,Jdk,Jre",4.3,MEDIUM,0.022040000185370445,false,false,false,false,,false,false,2016-04-21T10:00:00.000Z,0
CVE-2016-3427,https://securityvulnerability.io/vulnerability/CVE-2016-3427,,"Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.",Oracle,"Jrockit,Jdk,Jre",9.8,CRITICAL,0.8556399941444397,true,false,false,true,,false,false,2016-04-21T10:00:00.000Z,0
CVE-2016-0475,https://securityvulnerability.io/vulnerability/CVE-2016-0475,,"Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.",Oracle,"Jrockit,Jdk,Jre",,,0.004230000078678131,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2015-4911,https://securityvulnerability.io/vulnerability/CVE-2015-4911,,"Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893.",Oracle,Jrockit,,,0.07760000228881836,false,false,false,false,,false,false,2015-10-22T00:00:00.000Z,0
CVE-2015-4872,https://securityvulnerability.io/vulnerability/CVE-2015-4872,,"Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.",Oracle,Jrockit,,,0.00875999964773655,false,false,false,false,,false,false,2015-10-21T23:59:00.000Z,0
CVE-2015-4893,https://securityvulnerability.io/vulnerability/CVE-2015-4893,,"Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.",Oracle,Jrockit,,,0.0342399999499321,false,false,false,false,,false,false,2015-10-21T23:59:00.000Z,0
CVE-2015-4803,https://securityvulnerability.io/vulnerability/CVE-2015-4803,,"Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.",Oracle,Jrockit,,,0.06656000018119812,false,false,false,false,,false,false,2015-10-21T21:00:00.000Z,0
CVE-2015-2601,https://securityvulnerability.io/vulnerability/CVE-2015-2601,,"Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.",Oracle,Jrockit,,,0.008349999785423279,false,false,false,false,,false,false,2015-07-16T10:00:00.000Z,0
CVE-2015-4748,https://securityvulnerability.io/vulnerability/CVE-2015-4748,,"Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.",Oracle,Jrockit,,,0.02606000006198883,false,false,false,false,,false,false,2015-07-16T10:00:00.000Z,0
CVE-2015-4749,https://securityvulnerability.io/vulnerability/CVE-2015-4749,,"Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI.",Oracle,Jrockit,,,0.040150001645088196,false,false,false,false,,false,false,2015-07-16T10:00:00.000Z,0
CVE-2015-0478,https://securityvulnerability.io/vulnerability/CVE-2015-0478,,"Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE.",Oracle,Jrockit,,,0.009410000406205654,false,false,false,false,,false,false,2015-04-16T16:00:00.000Z,0
CVE-2015-0488,https://securityvulnerability.io/vulnerability/CVE-2015-0488,,"Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE.",Oracle,Jrockit,,,0.06887000054121017,false,false,false,false,,false,false,2015-04-16T16:00:00.000Z,0
CVE-2014-6593,https://securityvulnerability.io/vulnerability/CVE-2014-6593,,"Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.",Oracle,Jrockit,,,0.6363199949264526,false,false,false,false,,false,false,2015-01-21T15:00:00.000Z,0
CVE-2014-6517,https://securityvulnerability.io/vulnerability/CVE-2014-6517,,"Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.",Oracle,Jrockit,,,0.010420000180602074,false,false,false,false,,false,false,2014-10-15T22:03:00.000Z,0
CVE-2014-6512,https://securityvulnerability.io/vulnerability/CVE-2014-6512,,"Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries.",Oracle,Jrockit,,,0.006990000139921904,false,false,false,false,,false,false,2014-10-15T22:03:00.000Z,0