Latest mcafee epolicy orchestrator Vulnerabilities

CVE-2023-5445
An open redirect vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2, allows a remote low privileged user to modify the URL parameter for the purpose of redirecting URL request(s) to a...
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0-service_pack_1_update
McAfee ePolicy Orchestrator=5.10.0-service_pack_1_update_1
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_11
and 14 more
CVE-2023-5444
CSRF in ePO leading to privilege escalation
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0-service_pack_1_update
McAfee ePolicy Orchestrator=5.10.0-service_pack_1_update_1
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_11
and 14 more
CVE-2023-3946
A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 SP1 Update 1allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convin...
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_11
McAfee ePolicy Orchestrator=5.10.0-update_11_hotfix_1
and 13 more
CVE-2022-3338
An External XML entity (XXE) vulnerability in ePO prior to 5.10 Update 14 can lead to an unauthenticated remote attacker to potentially trigger a Server Side Request Forgery attack. This can be exploi...
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_11
McAfee ePolicy Orchestrator=5.10.0-update_12
and 9 more
CVE-2022-3339
A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 Update 14 allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincin...
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_11
McAfee ePolicy Orchestrator=5.10.0-update_12
and 9 more
CVE-2022-1258
A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the b...
Mcafee Agent<5.7.6
McAfee ePolicy Orchestrator
CVE-2022-0857
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_11
McAfee ePolicy Orchestrator=5.10.0-update_12
and 8 more
CVE-2022-0859
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_11
McAfee ePolicy Orchestrator=5.10.0-update_12
and 8 more
CVE-2022-0862
A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to change the password of a com...
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_11
McAfee ePolicy Orchestrator=5.10.0-update_12
and 8 more
CVE-2022-0861
A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote administrator attacker to upload a malicious XML file through the extension ...
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_11
McAfee ePolicy Orchestrator=5.10.0-update_12
and 22 more
CVE-2022-0858
A cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to potentially obtain access to an ePO administrator's sessi...
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_11
McAfee ePolicy Orchestrator=5.10.0-update_12
and 8 more
CVE-2022-0842
A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote authenticated attacker to potentially obtain information from the ePO databa...
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_11
McAfee ePolicy Orchestrator=5.10.0-update_12
and 8 more
CVE-2021-31835
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via a specific parameter where the admi...
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_2
and 7 more
CVE-2021-31834
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
McAfee ePolicy Orchestrator=5.10.0-update_2
and 7 more
CVE-2021-3712
OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending specially crafted data, an attacker could exploit this ...
redhat/jbcs-httpd24-apr<0:1.6.3-107.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8
redhat/jbcs-httpd24-curl<0:7.78.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8
and 79 more
CVE-2021-2432
An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack v...
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
IBM QRadar SIEM<=7.3.3 GA - 7.3.3 FP10
Oracle JDK=1.7.0-update301
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
and 10 more
CVE-2021-30639
A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the er...
debian/tomcat9
IBM DRM<=2.0.6
Apache Tomcat=8.5.64
Apache Tomcat=9.0.44
Apache Tomcat=10.0.3
Apache Tomcat=10.0.4
and 13 more
CVE-2021-33037
Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header. By sending a specially-crafted HTTP(S) transfer-encoding request header,...
redhat/jws5-tomcat<0:9.0.50-3.redhat_00004.1.el7
redhat/jws5-tomcat-native<0:1.2.30-3.redhat_3.el7
redhat/jws5-tomcat-vault<0:1.1.8-4.Final_redhat_00004.1.el7
redhat/jws5-tomcat<0:9.0.50-3.redhat_00004.1.el8
redhat/jws5-tomcat-native<0:1.2.30-3.redhat_3.el8
redhat/jws5-tomcat-vault<0:1.1.8-4.Final_redhat_00004.1.el8
and 91 more
CVE-2020-13938
Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
Apache HTTP server>=2.4.0<=2.4.46
Microsoft Windows
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_10
and 11 more
CVE-2021-2161
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact...
IBM DRM<=2.0.6
Oracle JDK=1.7.0-update291
Oracle JDK=1.8.0-update281
Oracle JDK=11.0.10
Oracle JDK=16.0.0
Oracle JRE=1.8.0-update281
and 140 more
CVE-2021-23889
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the admin...
McAfee ePolicy Orchestrator<5.10.0
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_2
McAfee ePolicy Orchestrator=5.10.0-update_3
McAfee ePolicy Orchestrator=5.10.0-update_4
and 5 more
CVE-2021-23890
Information leak vulnerability in the Agent Handler of McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 allows an unauthenticated user to download McAfee product packages (specifically McAfee...
McAfee ePolicy Orchestrator<5.9.1
McAfee ePolicy Orchestrator=5.10.0
McAfee ePolicy Orchestrator=5.10.0-update_1
McAfee ePolicy Orchestrator=5.10.0-update_2
McAfee ePolicy Orchestrator=5.10.0-update_3
McAfee ePolicy Orchestrator=5.10.0-update_4
and 5 more
CVE-2021-23840
OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to cause the application t...
redhat/jbcs-httpd24-apr<0:1.6.3-107.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8
redhat/jbcs-httpd24-curl<0:7.78.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8
and 86 more
CVE-2020-14782
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
redhat/java<1.8.0-openjdk-1:1.8.0.272.b10-0.el6_10
redhat/java<11-openjdk-1:11.0.9.11-0.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.272.b10-1.el7_9
redhat/java<1.7.1-ibm-1:1.7.1.4.75-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.6.25-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.9.11-0.el8_2
and 36 more
CVE-2020-14792
An unspecified vulnerability in Java SE related to the Hotspot component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and no availability impact.
redhat/java<1.8.0-openjdk-1:1.8.0.272.b10-0.el6_10
redhat/java<11-openjdk-1:11.0.9.11-0.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.272.b10-1.el7_9
redhat/java<11-openjdk-1:11.0.9.11-0.el8_2
redhat/java<1.8.0-openjdk-1:1.8.0.272.b10-1.el8_2
redhat/java<11-openjdk-1:11.0.9.11-0.el8_0
and 39 more
CVE-2020-7318
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administ...
McAfee ePolicy Orchestrator>=5.10.0<=5.10.9
CVE-2020-7317
Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" n...
McAfee ePolicy Orchestrator<=5.9.1
McAfee ePolicy Orchestrator>=5.10.0<=5.10.9
CVE-2020-14578
A flaw was found in the DerInputStream class in the Libraries component of OpenJDK. A DER (Distinguished Encoding Rules) encoded input using indefinite length encoding not supported by the DerInputSt...
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el6_10
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el7_8
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.6.20-1jpp.1.el7
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el8_2
and 46 more
CVE-2020-14621
A flaw was found in the way the XMLSchemaValidator class in the JAXP component of OpenJDK enforced the "use-grammar-pool-only" feature. A specially-crafted XML file could possibly use this flaw to ma...
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el6_10
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el7_8
redhat/java<11-openjdk-1:11.0.8.10-0.el7_8
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.6.20-1jpp.1.el7
and 68 more
CVE-2020-14581
An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the 2D component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiali...
ubuntu/openjdk-8<8
ubuntu/openjdk-8<8
ubuntu/openjdk-8<8
ubuntu/openjdk-8<8
ubuntu/openjdk-8<8
ubuntu/openjdk-8<8
and 54 more
CVE-2020-14579
A flaw was found in the DerValue class in the Libraries component of OpenJDK. An incorrect implementation of the DerValue.equals() method could cause the class to raise an exception not declared to b...
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el6_10
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el7_8
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.6.20-1jpp.1.el7
redhat/java<1.8.0-openjdk-1:1.8.0.262.b10-0.el8_2
and 46 more
CVE-2020-13935
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could tr...
redhat/tomcat<0:7.0.76-15.el7
redhat/jbossweb<0:7.5.31-2.Final_redhat_2.1.ep6.el5
redhat/jbossweb<0:7.5.31-2.Final_redhat_2.1.ep6.el6
redhat/jboss-as-appclient<0:7.5.24-2.Final_redhat_00001.1.ep6.el6
redhat/jbossas-appclient<0:7.5.24-2.Final_redhat_00001.1.ep6.el6
redhat/jbossas-bundles<0:7.5.24-2.Final_redhat_00001.1.ep6.el6
and 220 more
CVE-2020-9484
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; a...
redhat/tomcat6<0:6.0.24-115.el6_10
redhat/tomcat<0:7.0.76-12.el7_8
redhat/tomcat7<0:7.0.70-40.ep7.el6
redhat/tomcat8<0:8.0.36-44.ep7.el6
redhat/tomcat-native<0:1.2.23-22.redhat_22.ep7.el6
redhat/tomcat7<0:7.0.70-40.ep7.el7
and 99 more
CVE-2020-2773
An unspecified vulnerability in Java SE related to the Java SE Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unkn...
redhat/java<1.8.0-openjdk-1:1.8.0.252.b09-2.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.261-2.6.22.1.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.261-2.6.22.2.el7_8
redhat/java<11-openjdk-1:11.0.7.10-4.el7_8
redhat/java<1.8.0-openjdk-1:1.8.0.252.b09-2.el7_8
redhat/java<1.8.0-ibm-1:1.8.0.6.25-1jpp.1.el7
and 157 more
CVE-2020-2757
An unspecified vulnerability in Java SE related to the Java SE Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using...
redhat/java<1.8.0-openjdk-1:1.8.0.252.b09-2.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.261-2.6.22.1.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.65-1jpp.1.el6_10
redhat/java<1.8.0-ibm-1:1.8.0.6.10-1jpp.1.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.261-2.6.22.2.el7_8
redhat/java<11-openjdk-1:11.0.7.10-4.el7_8
and 157 more
CVE-2020-2756
An unspecified vulnerability in Java SE related to the Java SE Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using...
redhat/java<1.8.0-openjdk-1:1.8.0.252.b09-2.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.261-2.6.22.1.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.65-1jpp.1.el6_10
redhat/java<1.8.0-ibm-1:1.8.0.6.10-1jpp.1.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.261-2.6.22.2.el7_8
redhat/java<11-openjdk-1:11.0.7.10-4.el7_8
and 156 more
CVE-2020-2755
An unspecified vulnerability in Java SE related to the Java SE Scripting component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unk...
redhat/java<1.8.0-openjdk-1:1.8.0.252.b09-2.el6_10
redhat/java<1.8.0-ibm-1:1.8.0.6.10-1jpp.1.el6_10
redhat/java<11-openjdk-1:11.0.7.10-4.el7_8
redhat/java<1.8.0-openjdk-1:1.8.0.252.b09-2.el7_8
redhat/java<1.8.0-ibm-1:1.8.0.6.10-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.7.10-1.el8_1
and 151 more
CVE-2020-2754
An unspecified vulnerability in Java SE related to the Java SE Scripting component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unk...
redhat/java<1.8.0-openjdk-1:1.8.0.252.b09-2.el6_10
redhat/java<1.8.0-ibm-1:1.8.0.6.10-1jpp.1.el6_10
redhat/java<11-openjdk-1:11.0.7.10-4.el7_8
redhat/java<1.8.0-openjdk-1:1.8.0.252.b09-2.el7_8
redhat/java<1.8.0-ibm-1:1.8.0.6.10-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.7.10-1.el8_1
and 143 more
CVE-2020-2654
A flaw was discovered in the way the Libraries component of OpenJDK processed X.509 certificates. Values of Object Identifiers (OIDs) were "interned", possibly allowing a malicious X.509 certificate ...
redhat/java<1.8.0-openjdk-1:1.8.0.242.b07-1.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.251-2.6.21.0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.65-1jpp.1.el6_10
redhat/java<1.8.0-ibm-1:1.8.0.6.10-1jpp.1.el6_10
redhat/java<11-openjdk-1:11.0.6.10-1.el7_7
redhat/java<1.8.0-openjdk-1:1.8.0.242.b08-0.el7_7
and 86 more
CVE-2020-2604
An unspecified vulnerability in Java SE could allow an unauthenticated attacker to take control of the system.
redhat/java<1.8.0-openjdk-1:1.8.0.242.b07-1.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.251-2.6.21.0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.60-1jpp.1.el6_10
redhat/java<1.8.0-ibm-1:1.8.0.6.5-1jpp.1.el6_10
redhat/java<11-openjdk-1:11.0.6.10-1.el7_7
redhat/java<1.8.0-openjdk-1:1.8.0.242.b08-0.el7_7
and 79 more
CVE-2020-2593
An unspecified vulnerability in Java SE related to the Java SE Networking component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and no availabili...
redhat/java<1.8.0-openjdk-1:1.8.0.242.b07-1.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.251-2.6.21.0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.60-1jpp.1.el6_10
redhat/java<1.8.0-ibm-1:1.8.0.6.5-1jpp.1.el6_10
redhat/java<11-openjdk-1:11.0.6.10-1.el7_7
redhat/java<1.8.0-openjdk-1:1.8.0.242.b08-0.el7_7
and 86 more
CVE-2020-2590
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u2...
redhat/java<1.8.0-openjdk-1:1.8.0.242.b07-1.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.251-2.6.21.0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el6_10
redhat/java<11-openjdk-1:11.0.6.10-1.el7_7
redhat/java<1.8.0-openjdk-1:1.8.0.242.b08-0.el7_7
redhat/java<1.7.0-openjdk-1:1.7.0.251-2.6.21.0.el7_7
and 84 more
CVE-2020-2583
An unspecified vulnerability in Java SE related to the Java SE Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using...
redhat/java<1.8.0-openjdk-1:1.8.0.242.b07-1.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.251-2.6.21.0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.60-1jpp.1.el6_10
redhat/java<1.8.0-ibm-1:1.8.0.6.5-1jpp.1.el6_10
redhat/java<11-openjdk-1:11.0.6.10-1.el7_7
redhat/java<1.8.0-openjdk-1:1.8.0.242.b08-0.el7_7
and 86 more
CVE-2019-2933
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221....
Oracle JDK=1.7.0-update231
Oracle JDK=1.8.0-update221
Oracle JDK=11.0.4
Oracle JDK=13.0.0
Oracle JRE=1.7.0-update231
Oracle JRE=1.8.0-update221
and 14 more
CVE-2019-2894
An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknow...
IBM Engineering Requirements Quality Assistant On-Premises<=All
Oracle JDK=1.7.0-update231
Oracle JDK=1.8.0-update221
Oracle JDK=11.0.4
Oracle JDK=13.0.0
Oracle JRE=1.7.0-update231
and 30 more
CVE-2019-2949
An unspecified vulnerability in Java SE related to the Kerberos component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unkno...
redhat/java<1.8.0-openjdk-1:1.8.0.232.b09-1.el6_10
redhat/java<1.8.0-ibm-1:1.8.0.6.10-1jpp.1.el6_10
redhat/java<11-openjdk-1:11.0.5.10-0.el7_7
redhat/java<1.8.0-openjdk-1:1.8.0.232.b09-0.el7_7
redhat/java<1.8.0-ibm-1:1.8.0.6.10-1jpp.1.el7
redhat/java<1.8.0-openjdk-1:1.8.0.232.b09-0.el8_0
and 48 more
CVE-2019-2975
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Diffic...
redhat/java<1.8.0-openjdk-1:1.8.0.232.b09-1.el6_10
redhat/java<1.8.0-ibm-1:1.8.0.6.0-1jpp.1.el6_10
redhat/java<11-openjdk-1:11.0.5.10-0.el7_7
redhat/java<1.8.0-openjdk-1:1.8.0.232.b09-0.el7_7
redhat/java<1.8.0-ibm-1:1.8.0.6.0-1jpp.1.el7
redhat/java<1.8.0-openjdk-1:1.8.0.232.b09-0.el8_0
and 52 more
CVE-2019-2766
Oracle JDK=1.7.0-update221
Oracle JDK=1.8.0-update211
Oracle JDK=1.8.0-update212
Oracle JDK=11.0.3
Oracle JDK=12.0.1
Oracle JRE=1.7.0-update221
and 14 more
CVE-2019-2762
It was discovered that the implementation of the Throwable class in the Utilities component of OpenJDK did not sufficiently validate serial stream before deserializing suppressed exceptions. A specia...
Oracle JDK=1.7.0-update221
Oracle JDK=1.8.0-update211
Oracle JDK=1.8.0-update212
Oracle JDK=11.0.3
Oracle JDK=12.0.1
Oracle JRE=1.7.0-update221
and 37 more
CVE-2019-2745
The Elliptic Curve (EC) cryptography in the Security component of OpenJDK was modernized to use formulas that are more efficient, easier to implement, and offer greater resiliency against side-channel...
Oracle JDK=1.7.0-update221
Oracle JDK=1.8.0-update212
Oracle JDK=11.0.3
Oracle JRE=1.7.0-update221
Oracle JRE=1.8.0-update212
Oracle JRE=11.0.3
and 21 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203