NotCVE - vendor:"Oracle" product:"Java Jdk"

31 results (0.003 seconds)

CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0

CVE-2025-50106 – openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)

https://notcve.org/view.php?id=CVE-2025-50106

15 Jul 2025 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Orac... • https://www.oracle.com/security-alerts/cpujul2025.html • CWE-122: Heap-based Buffer Overflow •

CVSS: 8.6EPSS: 0%CPEs: 8EXPL: 0

CVE-2025-50059 – openjdk: Improve HTTP client header handling (Oracle CPU 2025-07)

https://notcve.org/view.php?id=CVE-2025-50059

15 Jul 2025 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracl... • https://www.oracle.com/security-alerts/cpujul2025.html • CWE-201: Insertion of Sensitive Information Into Sent Data CWE-284: Improper Access Control •

CVSS: 4.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2025-30754 – openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)

https://notcve.org/view.php?id=CVE-2025-30754

15 Jul 2025 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM En... • https://www.oracle.com/security-alerts/cpujul2025.html • CWE-284: Improper Access Control CWE-325: Missing Cryptographic Step •

CVSS: 3.7EPSS: 0%CPEs: 2EXPL: 0

CVE-2025-30752

https://notcve.org/view.php?id=CVE-2025-30752

15 Jul 2025 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE (component: Compiler). The supported version that is affected is Oracle Java SE: 24.0.1; Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java... • https://www.oracle.com/security-alerts/cpujul2025.html • CWE-400: Uncontrolled Resource Consumption •

CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0

CVE-2025-30749 – openjdk: Better Glyph drawing (Oracle CPU 2025-07)

https://notcve.org/view.php?id=CVE-2025-30749

CVSS: 5.6EPSS: 0%CPEs: 9EXPL: 0

CVE-2025-30698 – openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)

https://notcve.org/view.php?id=CVE-2025-30698

15 Apr 2025 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Ora... • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-122: Heap-based Buffer Overflow CWE-284: Improper Access Control •

CVSS: 7.4EPSS: 0%CPEs: 9EXPL: 0

CVE-2025-21587 – openjdk: Better TLS connection support (Oracle CPU 2025-04)

https://notcve.org/view.php?id=CVE-2025-21587

15 Apr 2025 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition:20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Orac... • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-208: Observable Timing Discrepancy CWE-284: Improper Access Control •

CVSS: 4.8EPSS: 0%CPEs: 25EXPL: 0

CVE-2025-21502 – openjdk: Enhance array handling (Oracle CPU 2025-01)

https://notcve.org/view.php?id=CVE-2025-21502

21 Jan 2025 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM Enterprise Edition: 20.3.16 and 21.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JD... • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-195: Signed to Unsigned Conversion Error CWE-863: Incorrect Authorization •

CVSS: 4.8EPSS: 0%CPEs: 23EXPL: 0

CVE-2024-21235 – JDK: Integer conversion error leads to incorrect range check (8332644)

https://notcve.org/view.php?id=CVE-2024-21235

15 Oct 2024 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK... • https://www.oracle.com/security-alerts/cpuoct2024.html • CWE-195: Signed to Unsigned Conversion Error •

CVSS: 7.4EPSS: 0%CPEs: 41EXPL: 0

CVE-2024-21217 – JDK: Unbounded allocation leads to out-of-memory error (8331446)

https://notcve.org/view.php?id=CVE-2024-21217

15 Oct 2024 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM f... • https://www.oracle.com/security-alerts/cpuoct2024.html • CWE-502: Deserialization of Untrusted Data CWE-789: Memory Allocation with Excessive Size Value •

1 2 3 4