threat
engine
.sh
Back
·
··:··
Home
/
Product
/
sun java se
Product
sun java se
20 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2021-41041
all versions
In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verifi
5.3
MEDIUM
CVE-2022-21496
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported vers
5.3
MEDIUM
CVE-2022-21443
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported
3.7
LOW
CVE-2021-21349
all versions
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability w
6.1
MEDIUM
CVE-2019-10219
all versions
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting
6.1
MEDIUM
CVE-2019-7317
all versions
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_saf
5.3
MEDIUM
CVE-2009-2724
<= 5.0
Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3
CVE-2009-2723
<= 5.0
Unspecified vulnerability in deserialization in the Provider class in Sun Java SE 5.0 before Update 20 has unknown impact and atta
CVE-2009-2722
<= 5.0
Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vect
CVE-2009-2721
<= 5.0
Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vect
CVE-2009-2720
<= 6
Unspecified vulnerability in the javax.swing.plaf.synth.SynthContext.isSubregion method in the Swing implementation in Sun Java SE
CVE-2009-2719
<= 6
The Java Web Start implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of servic
CVE-2009-2718
all versions
The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint
CVE-2009-2717
<= 6
The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on Windows 2000 Professional does not provide a
CVE-2009-2716
<= 6
The plugin functionality in Sun Java SE 6 before Update 15 does not properly implement version selection, which allows context-dep
CVE-2009-2690
<= 6
The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which
CVE-2009-2689
<= 6
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to inst
CVE-2009-2476
<= 6
The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce Open
CVE-2009-2475
<= 6
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive
CVE-2009-2676
all versions
Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JD
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin