CVSS: 10.0EPSS: 46%CPEs: 188EXPL: 1CVE-2013-2472 – Oracle Java ShortComponentRaster Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2472
18 Jun 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorr... • https://www.exploit-db.com/exploits/28331 •
CVSS: 10.0EPSS: 9%CPEs: 180EXPL: 0CVE-2013-1537 – OpenJDK: remote code loading enabled by default (RMI, 8001040)
https://notcve.org/view.php?id=CVE-2013-1537
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 5%CPEs: 106EXPL: 0CVE-2013-1558 – OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)
https://notcve.org/view.php?id=CVE-2013-1558
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 17 y anteriores, y en 6 Update 43 y anteriores, permite a atacantes remotos comprometer la confidencialidad, la integridad y disponibilidad a tra... • http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html •
CVSS: 8.1EPSS: 3%CPEs: 115EXPL: 0CVE-2013-1563 – JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)
https://notcve.org/view.php?id=CVE-2013-1563
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. Vulnerabilidad no especificada en Java Runtime Environment (JRE) componente de Oracle Java SE v7 Update v17 y anteriores, v6 Update v43 y anteriores, y JavaFX v2.2.7 y anteriores, la confidencialidad, integridad y disponib... • http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html •
CVSS: 10.0EPSS: 15%CPEs: 180EXPL: 0CVE-2013-1569 – Oracle Java mort TTF Table Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-1569
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "checking of [a] glyph table" in the International Component... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 7%CPEs: 180EXPL: 0CVE-2013-2383 – Oracle Java mort TTF Table Ligature Substitution Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2383
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this ... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 7%CPEs: 180EXPL: 0CVE-2013-2384 – Oracle Java GSUB TTF Table LookupCount Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2384
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this ... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 9.3EPSS: 5%CPEs: 189EXPL: 0CVE-2013-2394 – Oracle Java t2k Type1 Subroutine Indexing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2394
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2432 and CVE-2013-1491. Vulnerabilidad no especificada en Java Runtime Environment (JRE) componente de Oracle Java SE v7 Update v17 y anteriores, v6 Update v43 ... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 •
CVSS: 8.4EPSS: 21%CPEs: 180EXPL: 1CVE-2013-2419 – Java Web Start Launcher ActiveX Control - Memory Corruption
https://notcve.org/view.php?id=CVE-2013-2419
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine bef... • https://www.exploit-db.com/exploits/24966 •
CVSS: 10.0EPSS: 6%CPEs: 180EXPL: 0CVE-2013-2420 – Oracle Java setICMpixels Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2420
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •