2017-08-08 | CVE-2017-10102 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). | 9.0 |
2017-08-08 | CVE-2017-10107 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). | 9.6 |
2017-08-08 | CVE-2017-10110 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). | 9.6 |
2017-08-08 | CVE-2017-10111 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). | 9.6 |
2017-08-07 | CVE-2015-7853 | Classic Buffer Overflow vulnerability in multiple products The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value. | 9.8 |
2017-08-07 | CVE-2015-7871 | Improper Authentication vulnerability in multiple products Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication. | 9.8 |
2017-05-23 | CVE-2016-9841 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | 9.8 |
2017-03-11 | CVE-2017-5638 | Improper Handling of Exceptional Conditions vulnerability in multiple products The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. | 9.8 |
2016-04-21 | CVE-2016-3427 | Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | 9.8 |