| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2019-10168 |
22 |
|
Dir. Trav. |
2019-08-02 |
2020-10-15 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. |
|
2 |
CVE-2019-10167 |
22 |
|
Dir. Trav. |
2019-08-02 |
2020-10-15 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. |
|
3 |
CVE-2019-10166 |
|
|
|
2019-08-02 |
2020-10-15 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. |
|
4 |
CVE-2019-8308 |
668 |
|
|
2019-02-12 |
2020-08-24 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file. |
|
5 |
CVE-2019-7221 |
416 |
|
|
2019-03-21 |
2020-10-15 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. |
|
6 |
CVE-2019-6454 |
119 |
|
DoS Overflow |
2019-03-21 |
2019-06-04 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic). |
|
7 |
CVE-2019-6133 |
362 |
|
Bypass |
2019-01-11 |
2020-08-24 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. |
|
8 |
CVE-2019-3838 |
|
|
|
2019-03-25 |
2020-10-15 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. |
|
9 |
CVE-2019-3835 |
862 |
|
|
2019-03-25 |
2020-10-15 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. |
|
10 |
CVE-2019-2422 |
|
|
|
2019-01-16 |
2020-09-08 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N). |
|
11 |
CVE-2018-1000199 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-05-24 |
2020-08-24 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f. |
|
12 |
CVE-2018-18506 |
|
|
|
2019-02-05 |
2020-08-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is manually configured, but when enabled could allow for attacks on services and tools that bind to the localhost for networked behavior if they are accessed through browsing. This vulnerability affects Firefox < 65. |
|
13 |
CVE-2018-18494 |
346 |
|
|
2019-02-28 |
2019-03-11 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64. |
|
14 |
CVE-2018-18073 |
200 |
|
Bypass +Info |
2018-10-15 |
2020-10-22 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. |
|
15 |
CVE-2018-17972 |
362 |
|
|
2018-10-03 |
2020-10-15 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. |
|
16 |
CVE-2018-16865 |
770 |
|
Exec Code |
2019-01-11 |
2020-09-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable. |
|
17 |
CVE-2018-16864 |
770 |
|
|
2019-01-11 |
2020-09-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. |
|
18 |
CVE-2018-16542 |
787 |
|
|
2018-09-05 |
2020-08-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. |
|
19 |
CVE-2018-16541 |
416 |
|
|
2018-09-05 |
2019-03-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. |
|
20 |
CVE-2018-16539 |
200 |
|
+Info |
2018-09-05 |
2019-03-07 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. |
|
21 |
CVE-2018-14646 |
476 |
|
DoS |
2018-11-26 |
2019-10-09 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service. |
|
22 |
CVE-2018-12396 |
732 |
|
|
2019-02-28 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63. |
|
23 |
CVE-2018-12385 |
20 |
|
|
2018-10-18 |
2018-12-06 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally installed malware. This issue also triggers a non-exploitable startup crash for users switching between the Nightly and Release versions of Firefox if the same profile is used. This vulnerability affects Thunderbird < 60.2.1, Firefox ESR < 60.2.1, and Firefox < 62.0.2. |
|
24 |
CVE-2018-12379 |
787 |
|
|
2018-10-18 |
2018-12-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. |
|
25 |
CVE-2018-12366 |
125 |
|
|
2018-10-18 |
2018-12-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. |
|
26 |
CVE-2018-12365 |
200 |
|
+Info |
2018-10-18 |
2018-12-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. |
|
27 |
CVE-2018-12207 |
20 |
|
DoS |
2019-11-14 |
2020-07-15 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. |
|
28 |
CVE-2018-11784 |
601 |
|
|
2018-10-04 |
2019-06-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. |
|
29 |
CVE-2018-11781 |
94 |
|
|
2018-09-17 |
2019-08-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax. |
|
30 |
CVE-2018-7566 |
119 |
|
Overflow |
2018-03-30 |
2020-08-24 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. |
|
31 |
CVE-2018-7550 |
125 |
|
Exec Code |
2018-03-01 |
2020-05-14 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access. |
|
32 |
CVE-2018-6927 |
190 |
|
DoS Overflow |
2018-02-12 |
2019-03-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value. |
|
33 |
CVE-2018-6574 |
94 |
|
Exec Code |
2018-02-07 |
2019-10-03 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked. |
|
34 |
CVE-2018-6560 |
436 |
|
|
2018-02-02 |
2019-10-03 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon. |
|
35 |
CVE-2018-5950 |
79 |
|
XSS |
2018-01-23 |
2020-11-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL. |
|
36 |
CVE-2018-5185 |
311 |
|
|
2018-06-11 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. |
|
37 |
CVE-2018-5170 |
20 |
|
|
2018-06-11 |
2019-03-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. |
|
38 |
CVE-2018-5161 |
20 |
|
|
2018-06-11 |
2019-03-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. |
|
39 |
CVE-2018-5131 |
200 |
|
+Info |
2018-06-11 |
2019-03-08 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Under certain circumstances the "fetch()" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessible to users if they share a common profile while browsing. This vulnerability affects Firefox ESR < 52.7 and Firefox < 59. |
|
40 |
CVE-2018-3693 |
|
|
Overflow |
2018-07-10 |
2020-10-20 |
4.7 |
None |
Local |
Medium |
Not required |
Complete |
None |
None |
|
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. |
|
41 |
CVE-2018-2817 |
|
|
|
2018-04-19 |
2019-10-03 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
|
42 |
CVE-2018-2813 |
|
|
|
2018-04-19 |
2020-08-24 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). |
|
43 |
CVE-2018-2800 |
|
|
|
2018-04-19 |
2020-09-08 |
4.0 |
None |
Remote |
High |
Not required |
Partial |
Partial |
None |
|
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N). |
|
44 |
CVE-2018-2678 |
|
|
DoS |
2018-01-18 |
2020-09-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). |
|
45 |
CVE-2018-2677 |
|
|
DoS |
2018-01-18 |
2020-09-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). |
|
46 |
CVE-2018-2663 |
|
|
DoS |
2018-01-18 |
2020-09-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). |
|
47 |
CVE-2018-2634 |
|
|
|
2018-01-18 |
2020-09-08 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N). |
|
48 |
CVE-2018-2618 |
|
|
|
2018-01-18 |
2020-09-08 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N). |
|
49 |
CVE-2018-2588 |
|
|
|
2018-01-18 |
2020-09-08 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). |
|
50 |
CVE-2018-2582 |
|
|
|
2018-01-18 |
2020-09-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N). |
