CVSS: 9.8EPSS: 3%CPEs: 14EXPL: 0CVE-2014-2414 – OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)
https://notcve.org/view.php?id=CVE-2014-2414
16 Apr 2014 — Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB. Vulnerabilidad no especificada en Oracle Java SE 6u71, 7u51, y 8, y Java SE Embedded 7u51, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores relacionados con JAXB. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK... • http://marc.info/?l=bugtraq&m=140852886808946&w=2 •
CVSS: 9.8EPSS: 3%CPEs: 16EXPL: 0CVE-2014-0451 – OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)
https://notcve.org/view.php?id=CVE-2014-0451
16 Apr 2014 — Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-2412. Vulnerabilidad no especificada en Oracle Java SE 5.0u61, 6u71, 7u51, y 8, y Java SE Embedded 7u51, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con AWT, una vulnerabilidad diferente a C... • http://marc.info/?l=bugtraq&m=140852886808946&w=2 •
CVSS: 9.8EPSS: 10%CPEs: 17EXPL: 0CVE-2014-0461 – OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794)
https://notcve.org/view.php?id=CVE-2014-0461
16 Apr 2014 — Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 6u71, 7u51, y 8, y Java SE Embedded 7u51, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores relacionados con las librerías. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Envir... • http://marc.info/?l=bugtraq&m=140852886808946&w=2 •
CVSS: 7.5EPSS: 2%CPEs: 14EXPL: 0CVE-2014-2403 – OpenJDK: JAXP CharInfo file access restriction (JAXP, 8029282)
https://notcve.org/view.php?id=CVE-2014-2403
16 Apr 2014 — Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via vectors related to JAXP. Vulnerabilidad no especificada en Oracle Java SE 6u71, 7u51, y 8, y Java SE Embedded 7u51, permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con JAXP. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw... • http://marc.info/?l=bugtraq&m=140852886808946&w=2 •
CVSS: 9.8EPSS: 3%CPEs: 12EXPL: 0CVE-2014-0459 – lcms: insufficient ICC profile version validation (OpenJDK 2D, 8031335)
https://notcve.org/view.php?id=CVE-2014-0459
16 Apr 2014 — Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unknown vectors related to 2D. Vulnerabilidad no especificada en Oracle Java SE 7u51 y 8, y Java SE Embedded 7u51, permite a atacantes remotos afectar la disponibilidad a través de vectores desconocidos relacionados con 2D. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw w... • http://marc.info/?l=bugtraq&m=140852886808946&w=2 •
CVSS: 10.0EPSS: 10%CPEs: 22EXPL: 0CVE-2014-0429 – OpenJDK: Incorrect mlib/raster image validation (2D, 8027841)
https://notcve.org/view.php?id=CVE-2014-0429
15 Apr 2014 — Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Vulnerabilidad no especificada en Oracle Java SE 5.0u61, 6u71, 7u51, y 8; JRockit R27.8.1 y R28.3.1; y Java SE Embedded 7u51 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con 2D. The jav... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 •
CVSS: 9.8EPSS: 4%CPEs: 16EXPL: 0CVE-2014-0446 – OpenJDK: Protect logger handlers (Libraries, 8029740)
https://notcve.org/view.php?id=CVE-2014-0446
15 Apr 2014 — Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 5.0u61, 6u71, 7u51, y 8, y Java SE Embedded 7u51, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con las librerías. The java-1.7.0-openjdk packages provide the... • http://marc.info/?l=bugtraq&m=140852886808946&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2011-3628
https://notcve.org/view.php?id=CVE-2011-3628
15 Apr 2014 — Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.04 LTS, when using certain configurations such as "session optional pam_motd.so", allows local users to gain privileges by modifying the PATH environment variable to reference a malicious command, as demonstrated ... • http://www.ubuntu.com/usn/USN-1237-1 •
CVSS: 7.5EPSS: 79%CPEs: 76EXPL: 1CVE-2013-5704 – httpd: bypass of mod_headers rules via chunked requests
https://notcve.org/view.php?id=CVE-2013-5704
15 Apr 2014 — The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." El módulo mod_headers en el servidor de Apache HTTP 2.2.22 permite a atacantes remotos evadir directivas "RequestHeader unset" mediante la colocación de una cabera en la porción "trailer" de datos enviados con codificación de tran... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 3%CPEs: 6EXPL: 0CVE-2014-2523 – kernel: netfilter: nf_conntrack_dccp: incorrect skb_header_pointer API usages
https://notcve.org/view.php?id=CVE-2014-2523
24 Mar 2014 — net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function. net/netfilter/nf_conntrack_proto_dccp.c en el kernel de Linux hasta 3.13.6 utiliza un puntero de cabecera DCCP incorrectamente, lo que permite a atacantes remotos causar una denegació... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92 • CWE-20: Improper Input Validation •