CVSS: 4.3EPSS: 1%CPEs: 9EXPL: 0CVE-2016-3458 – OpenJDK: insufficient restrictions on the use of custom ValueHandler (CORBA, 8079718)
https://notcve.org/view.php?id=CVE-2016-3458
21 Jul 2016 — Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA. Vulnerabilidad no especificada en Oracle Java SE 6u115, 7u101 y 8u92 y Java SE Embedded 8u91 permite a atacantes remotos afectar la integridad a través de vectores relacionados con CORBA. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix: An insufficien... • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html •
CVSS: 5.3EPSS: 5%CPEs: 12EXPL: 0CVE-2016-3500 – OpenJDK: maximum XML name limit not applied to namespace URIs (JAXP, 8148872)
https://notcve.org/view.php?id=CVE-2016-3500
21 Jul 2016 — Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508. Vulnerabilidad no especificada en Oracle Java SE 6u115, 7u101 y 8u92; Java SE Embedded 8u91 y JRockit R28.3.10 permite a atacantes remotos afectar la disponibilidad a través de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2016-3508. The java-1.6.0-openjdk ... • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.7EPSS: 0%CPEs: 6EXPL: 0CVE-2016-3503 – JDK: unspecified vulnerability fixed in 6u121, 7u111, and 8u101 (Install)
https://notcve.org/view.php?id=CVE-2016-3503
21 Jul 2016 — Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install. Vulnerabilidad no especificada en Oracle Java SE 6u115, 7u101 y 8u92 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Install. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgra... • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html •
CVSS: 5.0EPSS: 1%CPEs: 6EXPL: 0CVE-2016-3422 – JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)
https://notcve.org/view.php?id=CVE-2016-3422
21 Apr 2016 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con 2D. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 115. Security Fix: This update f... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html •
CVSS: 10.0EPSS: 4%CPEs: 6EXPL: 0CVE-2016-3443 – Oracle Java Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-3443
21 Apr 2016 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77 permite a atacantes remotos afect... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html •
CVSS: 8.3EPSS: 8%CPEs: 6EXPL: 0CVE-2016-3449 – JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)
https://notcve.org/view.php?id=CVE-2016-3449
21 Apr 2016 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con Deployment. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html •
CVSS: 10.0EPSS: 93%CPEs: 81EXPL: 0CVE-2016-3427 – Oracle Java SE and JRockit Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2016-3427
20 Apr 2016 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con JMX. It was discovered that the RMI server implementation in... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 10%CPEs: 6EXPL: 0CVE-2016-0686 – OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)
https://notcve.org/view.php?id=CVE-2016-0686
20 Apr 2016 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77 y Java SE Embedded 8u77 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con Serialization. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Envi... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html •
CVSS: 10.0EPSS: 10%CPEs: 6EXPL: 0CVE-2016-0687 – OpenJDK: insufficient byte type checks (Hotspot, 8132051)
https://notcve.org/view.php?id=CVE-2016-0687
20 Apr 2016 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77 y Java SE Embedded 8u77 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con el subcomponente Hotspot. The java-1.7.0-openjdk packages provide the Open... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html •
CVSS: 5.9EPSS: 1%CPEs: 25EXPL: 0CVE-2016-0695 – OpenJDK: insufficient DSA key parameters checks (Security, 8138593)
https://notcve.org/view.php?id=CVE-2016-0695
20 Apr 2016 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con Security. It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength ... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html •