CVSS: 9.6EPSS: 1%CPEs: 6EXPL: 0CVE-2016-3587 – Oracle Java MethodHandle Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3587
21 Jul 2016 — Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 8u92 y Java SE Embedded 8u91 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Hotspot. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Jav... • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html •
CVSS: 9.6EPSS: 1%CPEs: 7EXPL: 0CVE-2016-3598 – Oracle Java MethodHandles dropArguments Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3598
21 Jul 2016 — Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610. Vulnerabilidad no especificada en Oracle Java SE 8u92 y Java SE Embedded 8u91 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Libraries, una vulnerabilidad diferente a CVE-2016-3610. This vulnerabi... • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html •
CVSS: 5.3EPSS: 0%CPEs: 12EXPL: 0CVE-2016-3508 – OpenJDK: missing entity replacement limits (JAXP, 8149962)
https://notcve.org/view.php?id=CVE-2016-3508
21 Jul 2016 — Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500. Vulnerabilidad no especificada en Oracle Java SE 6u115, 7u101 y 8u92; Java SE Embedded 8u91 y JRockit R28.3.10 permite a atacantes remotos afectar la disponibilidad a través de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2016-3500. The java-1.6.0-openjdk ... • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0CVE-2016-3458 – OpenJDK: insufficient restrictions on the use of custom ValueHandler (CORBA, 8079718)
https://notcve.org/view.php?id=CVE-2016-3458
21 Jul 2016 — Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA. Vulnerabilidad no especificada en Oracle Java SE 6u115, 7u101 y 8u92 y Java SE Embedded 8u91 permite a atacantes remotos afectar la integridad a través de vectores relacionados con CORBA. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix: An insufficien... • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3498 – JDK: unspecified vulnerability fixed in 7u111 and 8u101 (JavaFX)
https://notcve.org/view.php?id=CVE-2016-3498
21 Jul 2016 — Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remote attackers to affect availability via vectors related to JavaFX. Vulnerabilidad no especificada en Oracle Java SE 7u101 y 8u92 permite a atacantes remotos afectar la disponibilidad a través de vectores relacionados con JavaFX. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 101. Security Fix: This update fixes mu... • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html •
CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3511 – JDK: unspecified vulnerability fixed in 7u111 and 8u101 (Deployment)
https://notcve.org/view.php?id=CVE-2016-3511
21 Jul 2016 — Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 7u101 y 8u92 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Deployment. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracl... • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html •
CVSS: 5.0EPSS: 1%CPEs: 6EXPL: 0CVE-2016-3422 – JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)
https://notcve.org/view.php?id=CVE-2016-3422
21 Apr 2016 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con 2D. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 115. Security Fix: This update f... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html •
CVSS: 10.0EPSS: 7%CPEs: 6EXPL: 0CVE-2016-3443 – Oracle Java Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-3443
21 Apr 2016 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77 permite a atacantes remotos afect... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html •
CVSS: 8.3EPSS: 4%CPEs: 6EXPL: 0CVE-2016-3449 – JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)
https://notcve.org/view.php?id=CVE-2016-3449
21 Apr 2016 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con Deployment. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html •
CVSS: 5.0EPSS: 2%CPEs: 7EXPL: 0CVE-2016-3425 – OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)
https://notcve.org/view.php?id=CVE-2016-3425
20 Apr 2016 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con JAXP. It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part ... • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html •