CVSS: 10.0EPSS: 93%CPEs: 74EXPL: 3CVE-2012-0507 – Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0507
24 Feb 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceA... • https://www.exploit-db.com/exploits/18679 •
CVSS: 10.0EPSS: 96%CPEs: 98EXPL: 1CVE-2011-3544 – Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3544
19 Oct 2011 — Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting. Vulnerabilidad no especificada en el componente de Java Runtime Environment en Oracle Java SE JDK y JRE v7 y v6 Update 27 y anteriores permite a aplicaciones remotas Java Web Start y applets Java no confiable... • https://www.exploit-db.com/exploits/18171 •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2003-1229
https://notcve.org/view.php?id=CVE-2003-1229
31 Dec 2003 — X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01, (2) JSSE before 1.0.3, (3) Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and (4) Java Web Start 1.0 through 1.2 incorrectly calls the isClientTrusted method when determining server trust, which results in improper validation of digital certificate and allows remote attackers to (1) falsely authenticate peers for SSL or (2) incorrectly validate signed JAR files. • http://archives.neohapsis.com/archives/bugtraq/2003-01/0334.html • CWE-295: Improper Certificate Validation •