CVSS: 5.5EPSS: 3%CPEs: 11EXPL: 0CVE-2014-6512 – OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)
https://notcve.org/view.php?id=CVE-2014-6512
15 Oct 2014 — Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries. Vulnerabilidad sin especificar en Oracle Java SE 5.0u71, 6u81, 7u67, y 8u20; Java SE Embedded 7u60; y JRockit R27.8.3 y R28.3.3 permite a atacantes remotos afectar a la integridad a través de vectores relacionados con las librerías. It was discovered that the DatagramSocket implementation in Open... • http://linux.oracle.com/errata/ELSA-2014-1633.html • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.5EPSS: 2%CPEs: 8EXPL: 0CVE-2014-6517 – OpenJDK: StAX parser parameter entity XXE (JAXP, 8039533)
https://notcve.org/view.php?id=CVE-2014-6517
15 Oct 2014 — Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP. Vulnerabilidad sin especificar en Oracle Java SE 6u81, 7u67, y 8u20; Java SE Embedded 7u60; y Jrockit R27.8.3 y R28.3.3, permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con JAXP. It was discovered that the StAX XML parser in the JAXP component in OpenJDK performed exp... • http://linux.oracle.com/errata/ELSA-2014-1633.html •
CVSS: 5.5EPSS: 2%CPEs: 8EXPL: 0CVE-2014-6531 – OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)
https://notcve.org/view.php?id=CVE-2014-6531
15 Oct 2014 — Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. Vulnerabilidad sin especificar en Oracle Java SE 5.0u71, 6u81, 7u67, y 8u20, y Java SE Embedded 7u60, permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con las librerías. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Soft... • http://linux.oracle.com/errata/ELSA-2014-1633.html •
CVSS: 5.5EPSS: 2%CPEs: 10EXPL: 0CVE-2014-6558 – OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846)
https://notcve.org/view.php?id=CVE-2014-6558
15 Oct 2014 — Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security. Vulnerabilidad sin especificar en Oracle Java SE 5.0u71, 6u81, 7u67, y 8u20; Java SE Embedded 7u60; y JRockit R27.8.3 y JRockit R28.3.3 permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con la seguridad. It was discovered that the CipherInputS... • http://linux.oracle.com/errata/ELSA-2014-1633.html •
CVSS: 9.1EPSS: 2%CPEs: 6EXPL: 0CVE-2014-4265 – JDK: unspecified vulnerability fixed in 6u81, 7u65 and 8u11 (Deployment)
https://notcve.org/view.php?id=CVE-2014-4265
17 Jul 2014 — Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u75, 7u60, y 8u5 permite a atacantes remotos afectar a la integridad a través de vectores relacionados con la implementación. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime ... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html •
CVSS: 7.5EPSS: 2%CPEs: 8EXPL: 0CVE-2014-4268 – Debian Security Advisory 2987-1
https://notcve.org/view.php?id=CVE-2014-4268
17 Jul 2014 — Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing. Vulnerabilidad no especificada en Oracle Java SE 5.0u65, 6u75, 7u60, y 8u5 permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con Swing. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html •
CVSS: 10.0EPSS: 9%CPEs: 6EXPL: 0CVE-2014-4227 – JDK: unspecified vulnerability fixed in 6u81, 7u65 and 8u11 (Deployment)
https://notcve.org/view.php?id=CVE-2014-4227
17 Jul 2014 — Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u75, 7u60 y 8u5 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Deployment. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development K... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html •
CVSS: 9.8EPSS: 10%CPEs: 8EXPL: 0CVE-2014-4216 – OpenJDK: Incorrect generic signature attribute parsing (Hotspot, 8037076)
https://notcve.org/view.php?id=CVE-2014-4216
16 Jul 2014 — Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 5.0u65, 6u75, 7u60 y 8u5 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Hotspot. It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the clas... • http://marc.info/?l=bugtraq&m=140852886808946&w=2 •
CVSS: 5.9EPSS: 5%CPEs: 10EXPL: 0CVE-2014-4244 – OpenJDK: RSA blinding issues (Security, 8031346)
https://notcve.org/view.php?id=CVE-2014-4244
16 Jul 2014 — Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security. Vulnerabilidad no especificada en Oracle Java SE 5.0u65, 6u75, 7u60, y 8u5, y JRockit R27.8.2 y JRockit R28.3.2, permite a atacantes remotos afectar la confidencialidad e integridad a través de vectores desconocidos relacionados con Security. It was discovered that the Hotspot component in Op... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html •
CVSS: 5.9EPSS: 6%CPEs: 10EXPL: 0CVE-2014-4263 – OpenJDK: insufficient Diffie-Hellman public key validation (Security, 8037162)
https://notcve.org/view.php?id=CVE-2014-4263
16 Jul 2014 — Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement." Vulnerabilidad no especificada en Oracle Java SE 5.0u65, 6u75, 7u60, y 8u5, y JRockit R27.8.2 y R28.3.2, permite a atacantes remotos afectar a la confidencialidad y la integridad a través de vectores desconocidos relacionados con el 'Acuerdo de Claves Diffie-Hellman' It was disc... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html •