CVSS: 9.8EPSS: 2%CPEs: 8EXPL: 0CVE-2015-4903 – OpenJDK: insufficient proxy class checks in RemoteObjectInvocationHandler (RMI, 8076339)
https://notcve.org/view.php?id=CVE-2015-4903
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60 y Java SE Embedded 8u51, permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con RMI. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws wer... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html •
CVSS: 10.0EPSS: 7%CPEs: 8EXPL: 0CVE-2015-4805 – OpenJDK: missing checks for proper initialization in ObjectStreamClass (Serialization, 8103671)
https://notcve.org/view.php?id=CVE-2015-4805
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60 y Java SE Embedded 8u51, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Serialization. The java-1.7.0-openjdk packages provide the Ope... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html • CWE-665: Improper Initialization •
CVSS: 9.8EPSS: 2%CPEs: 8EXPL: 0CVE-2015-4806 – OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)
https://notcve.org/view.php?id=CVE-2015-4806
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60 y Java SE Embedded 8u51, permite a atacantes remotos afectar a la confidencialidad e integridad a través de vectores desconocidos relacionados con Libraries. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 0CVE-2015-4734 – OpenJDK: kerberos realm name leak (JGSS, 8048030)
https://notcve.org/view.php?id=CVE-2015-4734
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60 y Java SE Embedded 8u51, permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con JGSS. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws we... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 5%CPEs: 9EXPL: 0CVE-2015-4803 – OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)
https://notcve.org/view.php?id=CVE-2015-4803
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2015-4893 y CVE-20... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html • CWE-407: Inefficient Algorithmic Complexity •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 0CVE-2015-2627 – JDK: unspecified vulnerability fixed in 6u101, 7u85 and 8u51 (Install)
https://notcve.org/view.php?id=CVE-2015-2627
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to installation. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80 y 8u45, permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con la instalación. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in ... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html •
CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0CVE-2015-2637 – JDK: unspecified vulnerability fixed in 6u101, 7u85 and 8u51 (2D)
https://notcve.org/view.php?id=CVE-2015-2637
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80, y 8u45; JavaFX 2.2.80; y Java SE Embedded 7u75 y 8u33, permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con 2D. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html •
CVSS: 10.0EPSS: 9%CPEs: 11EXPL: 0CVE-2015-2638 – JDK: unspecified vulnerability fixed in 6u101, 7u85 and 8u51 (2D)
https://notcve.org/view.php?id=CVE-2015-2638
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80, y 8u45; JavaFX 2.2.80; y Java SE Embedded 7u75 y 8u33, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con 2D. Oracle Java SE version 7 i... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html •
CVSS: 8.4EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2664 – JDK: unspecified vulnerability fixed in 6u101, 7u85 and 8u51 (Deployment)
https://notcve.org/view.php?id=CVE-2015-2664
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80 y 8u45, permite a usuarios locales afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Deployment. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html •
CVSS: 10.0EPSS: 68%CPEs: 10EXPL: 0CVE-2015-2590 – Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-2590
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732. Vulnerabilidad no especificada en Oracle Java SE versiones 6u95, 7u80 y 8u45 y en Java SE Embedded versiones 7u75 y 8u33, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos rel... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html •