Every CVE whose affected-product data names Sun Java, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2005-2530 — CVSS 10.0 (critical): Unspecified vulnerability in Java 1.3.1 before 1.3.1_16 on Apple Mac OS X allows an untrusted applet to gain privileges, related to "Mac OS…
CVE-2005-2529 — CVSS 10.0 (critical): Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified…
CVE-2010-0887 — CVSS 10.0 (critical): Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business JDK and JRE 6 Update 18 and 19 allows…
CVE-2008-3440 — CVSS 7.5 (high): Sun Java 1.6.0_03 and earlier versions, and possibly later versions, does not properly verify the authenticity of updates, which allows…
CVE-1999-0440 — CVSS 7.5 (high): The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
CVE-1999-0142 — CVSS 7.5 (high): The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to…
CVE-2009-1105 — CVSS 7.5 (high): The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote…
CVE-2009-1103 — CVSS 6.4 (medium): Unspecified vulnerability in the Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and…
CVE-2009-1102 — CVSS 6.4 (medium): Unspecified vulnerability in the Virtual Machine in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and…
CVE-2009-1104 — CVSS 5.8 (medium): The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier…
CVE-2005-2738 — CVSS 5.0 (medium): Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X does not prevent multiple programs from opening the same port as a Java ServerSocket…
CVE-2009-1107 — CVSS 4.3 (medium): The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and…
CVE-2003-1134 — CVSS 2.1 (low): Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function…
CVE-2005-2527 — CVSS 1.2 (low): Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via…