VYPR

Openjdk

by Sun Corporation

CVEs (27)

  • CVE-2026-22020impApr 21, 2026
    risk 0.46cvss 7.1epss

    openjdk: OpenJDK: Update LibPNG (Oracle CPU 2026-04)

  • CVE-2013-1537Apr 17, 2013
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via…

  • CVE-2013-1518Apr 17, 2013
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via…

  • CVE-2013-0401Mar 8, 2013
    risk 0.01cvss epss 0.10

    The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during…

  • CVE-2012-4420Dec 26, 2019
    risk 0.00cvss epss 0.05

    An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation).…

  • CVE-2014-8873Nov 9, 2015
    risk 0.00cvss epss 0.05

    A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type registration that is added to /etc/mailcap by mime-support, which allows remote attackers to execute arbitrary code via a JAR file.

  • CVE-2014-2405May 14, 2014
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462.

  • CVE-2014-0462May 14, 2014
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405.

  • CVE-2014-0422Jan 15, 2014
    risk 0.00cvss epss 0.06

    Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU.…

  • CVE-2014-0416Jan 15, 2014
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party…

  • CVE-2014-0373Jan 15, 2014
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle…

  • CVE-2009-3884Nov 9, 2009
    risk 0.00cvss epss 0.03

    The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265.

  • CVE-2009-3883Nov 9, 2009
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable…

  • CVE-2009-3882Nov 9, 2009
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657026.

  • CVE-2009-3881Nov 9, 2009
    risk 0.00cvss epss 0.03

    Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote attackers to gain privileges via unspecified vectors, related to an "information leak vulnerability," aka Bug Id…

  • CVE-2009-3880Nov 9, 2009
    risk 0.00cvss epss 0.02

    The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors…

  • CVE-2009-3879Nov 9, 2009
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the…

  • CVE-2009-3728Nov 9, 2009
    risk 0.00cvss epss 0.04

    Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC)…

  • CVE-2009-2690Aug 10, 2009
    risk 0.00cvss epss 0.03

    The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.

  • CVE-2009-2689Aug 10, 2009
    risk 0.00cvss epss 0.03

    JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2)…

Page 1 of 2