| 2019-02-11 | CVE-2018-12549 | Improper Input Validation vulnerability in multiple products
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it. | 7.5 |
| 2019-02-11 | CVE-2018-12547 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. | 7.5 |
| 2018-08-20 | CVE-2018-1000632 | XML Injection (aka Blind XPath Injection) vulnerability in multiple products
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. | 7.5 |
| 2018-04-19 | CVE-2018-2794 | Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). | 7.7 |
| 2018-04-19 | CVE-2018-2783 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). | 7.4 |
| 2018-04-16 | CVE-2016-9593 | Credentials Management vulnerability in multiple products
foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. | 8.8 |
| 2018-04-04 | CVE-2018-1097 | Information Exposure vulnerability in multiple products
A flaw was found in foreman before 1.16.1. | 8.8 |
| 2018-03-12 | CVE-2017-2667 | Improper Certificate Validation vulnerability in multiple products
Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verify_ssl flag for apipie-bindings that disable it by default. | 8.1 |
| 2018-01-18 | CVE-2018-2639 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). | 8.3 |
| 2018-01-18 | CVE-2018-2638 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). | 8.3 |