CVSS: 9.8EPSS: 3%CPEs: 158EXPL: 0CVE-2013-3743 – JDK: unspecified vulnerability fixed in 6u51 and 5u51 (AWT)
https://notcve.org/view.php?id=CVE-2013-3743
18 Jun 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 45 y anteriores y v5.0 Update 45 y anteriores permite a atacantes remotos afectar a la integridad, confidencialidad y disponibilidad mediante vectores re... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 •
CVSS: 10.0EPSS: 5%CPEs: 180EXPL: 0CVE-2013-2384 – Oracle Java GSUB TTF Table LookupCount Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2384
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this ... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 2%CPEs: 28EXPL: 0CVE-2013-2431 – OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)
https://notcve.org/view.php?id=CVE-2013-2431
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames." Una vulnerabilidad no especificada en el com... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 8.1EPSS: 5%CPEs: 189EXPL: 0CVE-2013-2430 – OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)
https://notcve.org/view.php?id=CVE-2013-2430
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageReader state corrupt... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 9.3EPSS: 3%CPEs: 28EXPL: 0CVE-2013-2436 – Oracle Java MethodHandle Sandbox Bypass Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2436
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "type checks" and "method handle binding"... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 8.4EPSS: 4%CPEs: 180EXPL: 1CVE-2013-2419 – Java Web Start Launcher ActiveX Control - Memory Corruption
https://notcve.org/view.php?id=CVE-2013-2419
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine bef... • https://www.exploit-db.com/exploits/24966 •
CVSS: 10.0EPSS: 3%CPEs: 37EXPL: 0CVE-2013-2434 – Oracle Java t2k.dll glyph_AddPoint() Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2434
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Vulnerabilidad no especificada en el entorno de ejecución de Java (JRE) en el componente Oracle Java SE v7 Update v17 y anteriores y JavaFX v2.2.7 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través... • http://marc.info/?l=bugtraq&m=137283787217316&w=2 •
CVSS: 7.4EPSS: 0%CPEs: 106EXPL: 0CVE-2013-2418 – JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
https://notcve.org/view.php?id=CVE-2013-2418
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en el entorno de ejecución de Java (JRE) en el componente Oracle Java SE 7 Update 17 y anteriores y 6 Update 43 y anteriores permite a usuarios locales afectan a la confidencialidad, integridad y disponibilidad a través ... • http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html •
CVSS: 10.0EPSS: 1%CPEs: 106EXPL: 0CVE-2013-2440 – JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
https://notcve.org/view.php?id=CVE-2013-2440
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435. Vulnerabilidad no especificada en el entorno de ejecución de Java (JRE) en el componente Oracle Java SE v7 Update v17 y anteriores y v6 Update v43 y anteriores permite a atacantes remotos afectar la c... • http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html •
CVSS: 7.5EPSS: 0%CPEs: 28EXPL: 0CVE-2013-2415 – OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)
https://notcve.org/view.php?id=CVE-2013-2415
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "processing of MTOM attachments" and the creation of temporary files with weak permissions. La vulnerabilidad no especificada en el componente Java Runtim... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released • CWE-732: Incorrect Permission Assignment for Critical Resource •