Vulnerabilities > Microsoft > Java Software Development KIT

DATE CVE VULNERABILITY TITLE RISK
2019-03-05 CVE-2019-0741 Information Exposure Through Log Files vulnerability in Microsoft Java Software Development KIT
An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'.
network
low complexity
microsoft CWE-532
5.0
5.0
2019-03-05 CVE-2019-0729 Insufficient Entropy in PRNG vulnerability in Microsoft Java Software Development KIT
An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'.
network
low complexity
microsoft CWE-332
7.5
7.5
2018-09-13 CVE-2018-8479 Improper Certificate Validation vulnerability in Microsoft products
A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK.
network
microsoft CWE-295
6.8
6.8
2018-05-09 CVE-2018-8119 Improper Certificate Validation vulnerability in Microsoft products
A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C# SDK, C SDK, Java SDK.
network
microsoft CWE-295
6.8
6.8