| 2018-01-18 | CVE-2018-2602 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). | 4.5 |
| 2018-01-18 | CVE-2018-2599 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). | 4.8 |
| 2018-01-18 | CVE-2018-2588 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). | 4.3 |
| 2018-01-18 | CVE-2018-2582 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). | 6.5 |
| 2018-01-18 | CVE-2018-2581 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). | 4.7 |
| 2018-01-18 | CVE-2018-2579 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). | 3.7 |
| 2018-01-10 | CVE-2017-7536 | Unsafe Reflection vulnerability in Redhat products
In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. | 7.0 |
| 2017-11-27 | CVE-2017-15100 | Cross-site Scripting vulnerability in multiple products
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: (1) Facts page, when clicking on the "chart" button and hovering over the chart; (2) Trends page, when checking the graph for a trend based on a such fact; (3) Statistics page, for facts that are aggregated on this page. | 6.1 |
| 2017-10-19 | CVE-2017-10388 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). | 7.5 |
| 2017-10-19 | CVE-2017-10357 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). | 5.3 |