CVSS: 9.8EPSS: 11%CPEs: 3EXPL: 0CVE-2013-5457 – JDK: unspecified sandbox bypass (ORB)
https://notcve.org/view.php?id=CVE-2013-5457
07 Nov 2013 — Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad no especificada en Java SDK de IBM, versiones 7.0.0 anteriores a SR6, 6.0.1 anteriores a SR7, y 6.0.0 anteriores a SR15 permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of... • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2013-5375 – JDK: unspecified sandbox bypass (XML)
https://notcve.org/view.php?id=CVE-2013-5375
07 Nov 2013 — Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL. Vulnerabilidad no especificada en IBM Java SDK 7.0.0 anteriores a SR6, 6.0.1 anteriores a SR7, 6.0.0 anteriores a SR15, y 5.0.0 anteriores a SR16 FP4 permite a atacantes remotos acceder a clases restringidas a través de vectores no especificados relacionados con XML y XSL. This update co... • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html •
CVSS: 9.3EPSS: 8%CPEs: 1EXPL: 1CVE-2013-5456 – JDK: unspecified sandbox bypass (ORB)
https://notcve.org/view.php?id=CVE-2013-5456
07 Nov 2013 — The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 before SR6 allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code via vectors related to deserialization inside the AccessController doPrivileged block. La clase com.ibm.rmi.io.SunSerializableFactory en IBM Java SDK 7.0.0 en versiones anteriores a SR6 permite a atacantes remotos eludir un mecanismo de protección de sandbox y ejecutar código arbitrario a través de vectores relacionados con deserializaci... • https://packetstorm.news/files/id/136662 •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2013-4041 – JDK: unspecified sandbox bypass (JVM)
https://notcve.org/view.php?id=CVE-2013-4041
07 Nov 2013 — Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to access restricted classes via unspecified vectors. Vulnerabilidad no especificada en el Java SDK de IBM 5.0.0 anteriores a SR16 FP4, 7.0.0 anteriores a SR6, 6.0.1 anteriores a SR7, y 6.0.0 anteriores a SR15 permite a atacantes remotos acceder clases restringidas a través de vectores no especificados. This update corrects several security vulnerabilities in the... • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html •
CVSS: 9.8EPSS: 11%CPEs: 1EXPL: 0CVE-2013-5458 – JDK: unspecified sandbox bypass (XML)
https://notcve.org/view.php?id=CVE-2013-5458
07 Nov 2013 — Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad no especificada en IBM Java SDK 7.0.0 anteriores a SR7 permite a atacantes remotos ejecutar código de forma arbitraria a través de vectores no especificados. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Sof... • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2013-3006 – JDK: Unspecified security fixes (July 2013)
https://notcve.org/view.php?id=CVE-2013-3006
23 Jul 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3008. Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a través de vectores no especificados. Vulnerabilidad distinta de CVE-2013-3008. • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html •
CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 0CVE-2013-3010 – JDK: Unspecified security fixes (July 2013)
https://notcve.org/view.php?id=CVE-2013-3010
23 Jul 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3007. Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java, 6.0.1 anterior a 6.0.1 SR6, y 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a través de vectores no especif... • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html •
CVSS: 9.8EPSS: 9%CPEs: 62EXPL: 0CVE-2013-3012 – JDK: Unspecified security fixes (July 2013)
https://notcve.org/view.php?id=CVE-2013-3012
23 Jul 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011. Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 1.4.2 anterior a 1.4.2 SR13-FP18, 5.0 anterior a 5.0 SR16-FP3, 6 anterior a 6 SR... • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2013-3008 – JDK: Unspecified security fixes (July 2013)
https://notcve.org/view.php?id=CVE-2013-3008
23 Jul 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006. Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a través de vectores no especificados. Vulnerabilidad distinta de CVE-2013-3006. • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html •
CVSS: 9.8EPSS: 10%CPEs: 62EXPL: 0CVE-2013-3009 – JDK: Unspecified security fixes (July 2013)
https://notcve.org/view.php?id=CVE-2013-3009
23 Jul 2013 — The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 improperly exposes the invoke method of the java.lang.reflect.Method class, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to the AccessController doPrivileged block. La clase com.ibm.CORBA.iiop.ClientDelegate en IBM Java 1.4.2 en vesiones anteriores a 1.4.2 SR13-FP18,... • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html •