CVSS: 10.0EPSS: 14%CPEs: 28EXPL: 0CVE-2013-2431 – OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)
https://notcve.org/view.php?id=CVE-2013-2431
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames." Una vulnerabilidad no especificada en el com... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 5%CPEs: 189EXPL: 0CVE-2013-2432 – JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)
https://notcve.org/view.php?id=CVE-2013-2432
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 and CVE-2013-1491. Vulnerabilidad no especificada en el entorno de ejecución de Java (JRE) en el componente Oracle Java SE v7 Update v17 y anteriores, v6 U... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 •
CVSS: 10.0EPSS: 1%CPEs: 37EXPL: 0CVE-2013-2434 – Oracle Java t2k.dll glyph_AddPoint() Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2434
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Vulnerabilidad no especificada en el entorno de ejecución de Java (JRE) en el componente Oracle Java SE v7 Update v17 y anteriores y JavaFX v2.2.7 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través... • http://marc.info/?l=bugtraq&m=137283787217316&w=2 •
CVSS: 10.0EPSS: 5%CPEs: 106EXPL: 0CVE-2013-2435 – JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
https://notcve.org/view.php?id=CVE-2013-2435
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2440. Vulnerabilidad no especificada en el entorno de ejecución de Java (JRE) en el componente Oracle Java SE v7 Update v17 y anteriores y v6 Update v43 y anteriores permite a atacantes remotos afectar a la... • http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html •
CVSS: 9.3EPSS: 6%CPEs: 28EXPL: 0CVE-2013-2436 – Oracle Java MethodHandle Sandbox Bypass Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2436
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "type checks" and "method handle binding"... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 5%CPEs: 106EXPL: 0CVE-2013-2440 – JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
https://notcve.org/view.php?id=CVE-2013-2440
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435. Vulnerabilidad no especificada en el entorno de ejecución de Java (JRE) en el componente Oracle Java SE v7 Update v17 y anteriores y v6 Update v43 y anteriores permite a atacantes remotos afectar la c... • http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html •
CVSS: 10.0EPSS: 9%CPEs: 180EXPL: 0CVE-2013-1537 – OpenJDK: remote code loading enabled by default (RMI, 8001040)
https://notcve.org/view.php?id=CVE-2013-1537
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •
CVSS: 10.0EPSS: 5%CPEs: 106EXPL: 0CVE-2013-1558 – OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)
https://notcve.org/view.php?id=CVE-2013-1558
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 17 y anteriores, y en 6 Update 43 y anteriores, permite a atacantes remotos comprometer la confidencialidad, la integridad y disponibilidad a tra... • http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html •
CVSS: 8.1EPSS: 3%CPEs: 115EXPL: 0CVE-2013-1563 – JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)
https://notcve.org/view.php?id=CVE-2013-1563
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. Vulnerabilidad no especificada en Java Runtime Environment (JRE) componente de Oracle Java SE v7 Update v17 y anteriores, v6 Update v43 y anteriores, y JavaFX v2.2.7 y anteriores, la confidencialidad, integridad y disponib... • http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html •
CVSS: 10.0EPSS: 15%CPEs: 180EXPL: 0CVE-2013-1569 – Oracle Java mort TTF Table Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-1569
17 Apr 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "checking of [a] glyph table" in the International Component... • http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released •