Every CVE whose affected-product data names Sun Openjdk, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2009-2476 — CVSS 10.0 (critical): The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType…
CVE-2009-1896 — CVSS 10.0 (critical): The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11…
CVE-2009-2689 — CVSS 10.0 (critical): JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of…
CVE-2009-0733 — CVSS 9.3 (critical): Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in…
CVE-2009-0723 — CVSS 9.3 (critical): Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow…
CVE-2009-2475 — CVSS 7.8 (high): Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive…
CVE-2009-3879 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before…
CVE-2009-3883 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0…
CVE-2009-3882 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK…
CVE-2009-3881 — CVSS 7.5 (high): Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected…
CVE-2009-3884 — CVSS 5.0 (medium): The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to…
CVE-2009-0794 — CVSS 5.0 (medium): Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in…
CVE-2009-2690 — CVSS 5.0 (medium): The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows…
CVE-2009-3728 — CVSS 5.0 (medium): Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update…
CVE-2009-3880 — CVSS 5.0 (medium): The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and…
CVE-2009-0793 — CVSS 4.3 (medium): cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of…