CVSS: 9.1EPSS: 8%CPEs: 188EXPL: 0CVE-2013-2454 – OpenJDK: SerialJavaObject package restriction (JDBC, 8009554)
https://notcve.org/view.php?id=CVE-2013-2454
18 Jun 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly restrict access to certain class packages in the SerialJavaObject class, which allow... • http://advisories.mageia.org/MGASA-2013-0185.html •
CVSS: 8.4EPSS: 21%CPEs: 180EXPL: 1CVE-2013-2419 – Java Web Start Launcher ActiveX Control - Memory Corruption
https://notcve.org/view.php?id=CVE-2013-2419
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine bef... • https://www.exploit-db.com/exploits/24966 •
CVSS: 10.0EPSS: 6%CPEs: 180EXPL: 0CVE-2013-2420 – Oracle Java setICMpixels Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2420
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 9.3EPSS: 22%CPEs: 28EXPL: 0CVE-2013-2421 – OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)
https://notcve.org/view.php?id=CVE-2013-2421
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect MethodHandle lookups, which allows remote attackers to bypass Java sandbox restrictions. La vulnerabi... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 11%CPEs: 106EXPL: 0CVE-2013-2422 – OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)
https://notcve.org/view.php?id=CVE-2013-2422
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 2%CPEs: 28EXPL: 0CVE-2013-2425 – JDK: unspecified vulnerability fixed in 7u21 (Install)
https://notcve.org/view.php?id=CVE-2013-2425
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. Vulnerabilidad no especificada en el entorno de ejecución de Java (JRE) en el componente Oracle Java SE 7 Update 17 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con la instalaci... • http://rhn.redhat.com/errata/RHSA-2013-0757.html •
CVSS: 9.3EPSS: 22%CPEs: 28EXPL: 0CVE-2013-2426 – Oracle Java java.util.concurrent.ConcurrentHashMap Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2426
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect invocation of the defaultReadObject method in the ConcurrentHashMap class, which allows remote atta... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 2%CPEs: 37EXPL: 0CVE-2013-2428 – Oracle Java JavaFX WebPage Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2428
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2427. Vulnerabilidad no especificada en el entorno de ejecución de Java (JRE) en el componente Oracle Java SE 7 Update 17 y anteriores y JavaFX 2.2.7 y anteriores permite a at... • http://rhn.redhat.com/errata/RHSA-2013-0757.html •
CVSS: 8.1EPSS: 10%CPEs: 180EXPL: 0CVE-2013-2429 – OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)
https://notcve.org/view.php?id=CVE-2013-2429
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageWriter state corruption" when using native co... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 8.1EPSS: 6%CPEs: 189EXPL: 0CVE-2013-2430 – OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)
https://notcve.org/view.php?id=CVE-2013-2430
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageReader state corrupt... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •