CVSS: 9.3EPSS: 22%CPEs: 28EXPL: 0CVE-2013-2421 – OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)
https://notcve.org/view.php?id=CVE-2013-2421
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect MethodHandle lookups, which allows remote attackers to bypass Java sandbox restrictions. La vulnerabi... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 11%CPEs: 106EXPL: 0CVE-2013-2422 – OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)
https://notcve.org/view.php?id=CVE-2013-2422
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 2%CPEs: 28EXPL: 0CVE-2013-2425 – JDK: unspecified vulnerability fixed in 7u21 (Install)
https://notcve.org/view.php?id=CVE-2013-2425
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. Vulnerabilidad no especificada en el entorno de ejecución de Java (JRE) en el componente Oracle Java SE 7 Update 17 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con la instalaci... • http://rhn.redhat.com/errata/RHSA-2013-0757.html •
CVSS: 9.3EPSS: 22%CPEs: 28EXPL: 0CVE-2013-2426 – Oracle Java java.util.concurrent.ConcurrentHashMap Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2426
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect invocation of the defaultReadObject method in the ConcurrentHashMap class, which allows remote atta... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 2%CPEs: 37EXPL: 0CVE-2013-2428 – Oracle Java JavaFX WebPage Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2428
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2427. Vulnerabilidad no especificada en el entorno de ejecución de Java (JRE) en el componente Oracle Java SE 7 Update 17 y anteriores y JavaFX 2.2.7 y anteriores permite a at... • http://rhn.redhat.com/errata/RHSA-2013-0757.html •
CVSS: 8.1EPSS: 10%CPEs: 180EXPL: 0CVE-2013-2429 – OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)
https://notcve.org/view.php?id=CVE-2013-2429
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageWriter state corruption" when using native co... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 7%CPEs: 180EXPL: 0CVE-2013-1518 – OpenJDK: JAXP missing security restrictions (JAXP, 6657673)
https://notcve.org/view.php?id=CVE-2013-1518
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions." Vulnerabilidad no especificada en... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 9.1EPSS: 4%CPEs: 106EXPL: 0CVE-2013-1540 – JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
https://notcve.org/view.php?id=CVE-2013-1540
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2433. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 17 y anteriores, y en 6 Update 43 y anteriores, permite a atacantes remotos comprometer la integridad a través de vectores no esp... • http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html •
CVSS: 10.0EPSS: 8%CPEs: 180EXPL: 0CVE-2013-1557 – OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
https://notcve.org/view.php?id=CVE-2013-1557
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions" in the LogStream.setDefaultStream m... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 9.8EPSS: 0%CPEs: 37EXPL: 0CVE-2013-1561 – JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)
https://notcve.org/view.php?id=CVE-2013-1561
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to JavaFX. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 17 y anteriores, y en JavaFX 2.2.7 y anteriores, permite a atacantes remotos comprometer la confidencialidad a través de vectores no especificados que involucran a JavaFX. ... • http://rhn.redhat.com/errata/RHSA-2013-0757.html •