Page 11 of 107 results (0.012 seconds)

CVSS: 2.9EPSS: 0%CPEs: 9EXPL: 0

CVE-2016-3485

https://notcve.org/view.php?id=CVE-2016-3485

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking. Vulnerabilidad no especificada en Oracle Java SE 6u115, 7u101 y 8u92; Java SE Embedded 8u91 y JRockit R28.3.10 permite a usuarios locales afectar la integridad a través de vectores relacionados con Networking. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-09 •

CVSS: 5.3EPSS: 1%CPEs: 12EXPL: 0

CVE-2016-3508 – OpenJDK: missing entity replacement limits (JAXP, 8149962)

https://notcve.org/view.php?id=CVE-2016-3508

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500. Vulnerabilidad no especificada en Oracle Java SE 6u115, 7u101 y 8u92; Java SE Embedded 8u91 y JRockit R28.3.10 permite a atacantes remotos afectar la disponibilidad a través de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2016-3500. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00028. • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 5.3EPSS: 1%CPEs: 12EXPL: 0

CVE-2016-3500 – OpenJDK: maximum XML name limit not applied to namespace URIs (JAXP, 8148872)

https://notcve.org/view.php?id=CVE-2016-3500

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508. Vulnerabilidad no especificada en Oracle Java SE 6u115, 7u101 y 8u92; Java SE Embedded 8u91 y JRockit R28.3.10 permite a atacantes remotos afectar la disponibilidad a través de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2016-3508. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00028. • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 5.0EPSS: 2%CPEs: 7EXPL: 0

CVE-2016-3425 – OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)

https://notcve.org/view.php?id=CVE-2016-3425

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con JAXP. It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2016-05 •

CVSS: 5.9EPSS: 0%CPEs: 25EXPL: 0

CVE-2016-0695 – OpenJDK: insufficient DSA key parameters checks (Security, 8138593)

https://notcve.org/view.php?id=CVE-2016-0695

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con Security. It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2016-05 •