CVSS: 7.5EPSS: 0%CPEs: 37EXPL: 0CVE-2013-1564 – JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)
https://notcve.org/view.php?id=CVE-2013-1564
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX. Vulnerabilidad no especificada en Java Runtime Environment (JRE) componente de Oracle Java SE v7 Update v17 y anteriores y JavaFX v2.2.7 y anteriores, permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con JavaFX. Oracle Java SE version 7... • http://rhn.redhat.com/errata/RHSA-2013-0757.html •
CVSS: 10.0EPSS: 7%CPEs: 180EXPL: 0CVE-2013-2383 – Oracle Java mort TTF Table Ligature Substitution Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2383
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this ... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 7%CPEs: 180EXPL: 0CVE-2013-2384 – Oracle Java GSUB TTF Table LookupCount Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2384
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this ... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 9.3EPSS: 5%CPEs: 189EXPL: 0CVE-2013-2394 – Oracle Java t2k Type1 Subroutine Indexing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2394
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2432 and CVE-2013-1491. Vulnerabilidad no especificada en Java Runtime Environment (JRE) componente de Oracle Java SE v7 Update v17 y anteriores, v6 Update v43 ... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 •
CVSS: 7.5EPSS: 0%CPEs: 28EXPL: 0CVE-2013-2415 – OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)
https://notcve.org/view.php?id=CVE-2013-2415
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "processing of MTOM attachments" and the creation of temporary files with weak permissions. La vulnerabilidad no especificada en el componente Java Runtim... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.1EPSS: 37%CPEs: 28EXPL: 2CVE-2013-2416 – Java Web Start Launcher ActiveX Control - Memory Corruption
https://notcve.org/view.php?id=CVE-2013-2416
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. Vulnerabilidad no especificada en el entorno de ejecución de Java (JRE) en el componente Oracle Java SE 7 Update 17 y anteriores permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con la implementación. Oracle Java SE version 7 includes the Oracle Java Runtime En... • https://packetstorm.news/files/id/121334 •
CVSS: 7.5EPSS: 4%CPEs: 180EXPL: 0CVE-2013-2417 – OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)
https://notcve.org/view.php?id=CVE-2013-2417
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to Networking. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an information leak involving InetAddress serialization. CVE has not investigated th... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 8.4EPSS: 21%CPEs: 180EXPL: 1CVE-2013-2419 – Java Web Start Launcher ActiveX Control - Memory Corruption
https://notcve.org/view.php?id=CVE-2013-2419
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine bef... • https://www.exploit-db.com/exploits/24966 •
CVSS: 10.0EPSS: 6%CPEs: 180EXPL: 0CVE-2013-2420 – Oracle Java setICMpixels Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2420
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 9.3EPSS: 24%CPEs: 28EXPL: 0CVE-2013-2421 – OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)
https://notcve.org/view.php?id=CVE-2013-2421
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect MethodHandle lookups, which allows remote attackers to bypass Java sandbox restrictions. La vulnerabi... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •