Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Extras Sap
Subscriptions
Total
81 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-0867 | 2 Redhat, Sun | 6 Enterprise Linux, Network Satellite, Rhel Extras and 3 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. | ||||
| CVE-2011-0871 | 2 Redhat, Sun | 6 Enterprise Linux, Network Satellite, Rhel Extras and 3 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. | ||||
| CVE-2011-3389 | 9 Canonical, Debian, Google and 6 more | 21 Ubuntu Linux, Debian Linux, Chrome and 18 more | 2025-04-11 | N/A |
| The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. | ||||
| CVE-2011-3545 | 3 Oracle, Redhat, Sun | 6 Jrockit, Network Satellite, Rhel Extras and 3 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. | ||||
| CVE-2011-3547 | 3 Oracle, Redhat, Sun | 8 Jdk, Jre, Enterprise Linux and 5 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. | ||||
| CVE-2011-3548 | 2 Redhat, Sun | 6 Enterprise Linux, Network Satellite, Rhel Extras and 3 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT. | ||||
| CVE-2009-1100 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Rhel Extras Sap and 2 more | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) "limits on Font creation," aka CR 6522586, and (2) another unspecified vector, aka CR 6632886. | ||||
| CVE-2009-2625 | 8 Apache, Canonical, Debian and 5 more | 18 Xerces2 Java, Ubuntu Linux, Debian Linux and 15 more | 2025-04-09 | N/A |
| XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework. | ||||
| CVE-2009-3555 | 9 Apache, Canonical, Debian and 6 more | 15 Http Server, Ubuntu Linux, Debian Linux and 12 more | 2025-04-09 | N/A |
| The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. | ||||
| CVE-2009-3867 | 3 Microsoft, Redhat, Sun | 9 Windows, Network Satellite, Rhel Extras and 6 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303. | ||||
| CVE-2009-3868 | 3 Microsoft, Redhat, Sun | 9 Windows, Network Satellite, Rhel Extras and 6 more | 2025-04-09 | N/A |
| Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970. | ||||
| CVE-2009-3869 | 3 Microsoft, Redhat, Sun | 10 Windows, Enterprise Linux, Network Satellite and 7 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357. | ||||
| CVE-2009-3871 | 3 Microsoft, Redhat, Sun | 10 Windows, Enterprise Linux, Network Satellite and 7 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358. | ||||
| CVE-2009-3872 | 3 Microsoft, Redhat, Sun | 9 Windows, Network Satellite, Rhel Extras and 6 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969. | ||||
| CVE-2009-3873 | 3 Microsoft, Redhat, Sun | 10 Windows, Enterprise Linux, Network Satellite and 7 more | 2025-04-09 | N/A |
| The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968. | ||||
| CVE-2009-3874 | 3 Microsoft, Redhat, Sun | 10 Windows, Enterprise Linux, Network Satellite and 7 more | 2025-04-09 | N/A |
| Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643. | ||||
| CVE-2009-3875 | 4 Linux, Microsoft, Redhat and 1 more | 10 Linux Kernel, Windows, Enterprise Linux and 7 more | 2025-04-09 | N/A |
| The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503. | ||||
| CVE-2009-3876 | 4 Linux, Microsoft, Redhat and 1 more | 10 Linux Kernel, Windows, Enterprise Linux and 7 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911. | ||||
| CVE-2009-3877 | 4 Linux, Microsoft, Redhat and 1 more | 10 Linux Kernel, Windows, Enterprise Linux and 7 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911. | ||||
| CVE-2008-5349 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Rhel Extras Sap and 2 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service (CPU consumption) via a crafted RSA public key. | ||||