CVSS: 9.1EPSS: 5%CPEs: 8EXPL: 0CVE-2015-0480 – OpenJDK: jar directory traversal issues (Tools, 8064601)
https://notcve.org/view.php?id=CVE-2015-0480
16 Apr 2015 — Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via unknown vectors related to Tools. Vulnerabilidad no especificada en Oracle Java SE 5.0u81, 6u91, 7u76, y 8u40 permite a atacantes remotos afectar la integridad y la disponibilidad a través de vectores desconocidos relacionados con Tools. A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause ja... • http://advisories.mageia.org/MGASA-2015-0158.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.9EPSS: 8%CPEs: 9EXPL: 0CVE-2015-0488 – OpenJDK: certificate options parsing uncaught exception (JSSE, 8068720)
https://notcve.org/view.php?id=CVE-2015-0488
16 Apr 2015 — Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE. Vulnerabilidad no especificada en Oracle Java SE 5.0u81, 6u91, 7u76, y 8u40, y JRockit R28.3.5, permite a atacantes remotos afectar la disponibilidad a través de vectores relacionados con JSSE. A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to rai... • http://advisories.mageia.org/MGASA-2015-0158.html • CWE-248: Uncaught Exception •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2015-0400 – Gentoo Linux Security Advisory 201603-14
https://notcve.org/view.php?id=CVE-2015-0400
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con Libraries. Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities co... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-0403 – JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment)
https://notcve.org/view.php?id=CVE-2015-0403
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u85, 7u72, y 8u25 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con Deployment. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of ... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 •
CVSS: 9.1EPSS: 4%CPEs: 7EXPL: 0CVE-2015-0406 – JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment)
https://notcve.org/view.php?id=CVE-2015-0406
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad y la disponibilidad a través de vectores desconocidos relacionados con Deployment. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Satellite 5.7... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 •
CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 0CVE-2015-0383 – OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807)
https://notcve.org/view.php?id=CVE-2015-0383
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25; Java SE Embedded 7u71 y 8u6; y JRockit R27.8.4 y R28.3.4 permite a usuarios locales afectar la integridad y la disponibilidad a través de vectores desconocidos relacionados con Hotspot. Multiple insecur... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 • CWE-377: Insecure Temporary File •
CVSS: 9.8EPSS: 21%CPEs: 20EXPL: 0CVE-2015-0395 – OpenJDK: phantom references handling issue in garbage collector (Hotspot, 8047125)
https://notcve.org/view.php?id=CVE-2015-0395
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con Hotspot. A flaw was found in the way the Hotspot garbage collector handled phantom references. An untr... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 •
CVSS: 7.5EPSS: 2%CPEs: 18EXPL: 0CVE-2015-0407 – OpenJDK: directory information leak via file chooser (Swing, 8055304)
https://notcve.org/view.php?id=CVE-2015-0407
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing. Vulnerabilidad no especificada en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con Swing. An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox ... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2014-6585 – ICU: font parsing OOB read (OpenJDK 2D, 8055489)
https://notcve.org/view.php?id=CVE-2014-6585
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591. Vulnerabilidad no especificada en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad a través de vectores no conocidos relacionados con 2D, una vulnerabilidad diferente de CVE-2014-6591. A boundary check flaw was found in the font parsing code in the 2D compone... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2014-6587 – OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264)
https://notcve.org/view.php?id=CVE-2014-6587
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 6u85, 7u72, y 8u25 permite a usuarios locales afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados cn Libraries. A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK.... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 • CWE-476: NULL Pointer Dereference •