CVSS: 9.8EPSS: 3%CPEs: 81EXPL: 0CVE-2010-0845 – OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)
https://notcve.org/view.php?id=CVE-2010-0845
01 Apr 2010 — Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente HotSpot Server en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25 y 1.3.1_27 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad mediante vectores no desconocidos. • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 10.0EPSS: 10%CPEs: 238EXPL: 0CVE-2010-0846 – Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0846
01 Apr 2010 — Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows remote attackers to execute arbitrary code, related to an "invalid assignment" and in... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 8.8EPSS: 5%CPEs: 240EXPL: 0CVE-2010-0847 – OpenJDK ImagingLib arbitrary code execution vulnerability (6914866)
https://notcve.org/view.php?id=CVE-2010-0847
01 Apr 2010 — Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image. Vulnerabilidad no especificada en el co... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 9.8EPSS: 3%CPEs: 238EXPL: 0CVE-2010-0848 – OpenJDK AWT Library Invalid Index Vulnerability (6914823)
https://notcve.org/view.php?id=CVE-2010-0848
01 Apr 2010 — Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Java 2D en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25 y 1.3.1_27 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad mediante vectores no desconocidos. • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 10.0EPSS: 6%CPEs: 240EXPL: 0CVE-2010-0849 – Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0849
01 Apr 2010 — Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 9.8EPSS: 1%CPEs: 105EXPL: 0CVE-2010-0850
https://notcve.org/view.php?id=CVE-2010-0850
01 Apr 2010 — Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Java 2D en Oracle Java SE y Java for Business 1.3.1_27 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad mediante vectores no desconocidos. • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 10.0EPSS: 0%CPEs: 79EXPL: 0CVE-2009-3882 – OpenJDK information leaks in mutable variables (6657026,6657138)
https://notcve.org/view.php?id=CVE-2009-3882
09 Nov 2009 — Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657026. Múltiples vulnerabilidades no especificadas en la implementación Swing en Sun Java SE v5.0 anteriores a Update 22 y 6 anteriores a Update 17, y OpenJDK, tiene un impacto desconocido vectores de ataque remoto, relacionado con "debilidad de información en ... • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 79EXPL: 0CVE-2009-3883 – OpenJDK information leaks in mutable variables (6657026,6657138)
https://notcve.org/view.php?id=CVE-2009-3883
09 Nov 2009 — Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657138. Múltiples vulnerabilidades no especificadas en la funcionalidad Windows Pluggable Look and Feel (PL&F) de la implementación de Swing en Sun Java SE 5.0 antes de Update 22, Sun Java SE 6.0 antes de la ... • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 3%CPEs: 61EXPL: 0CVE-2009-2670 – OpenJDK Untrusted applet System properties access (6738524)
https://notcve.org/view.php?id=CVE-2009-2670
05 Aug 2009 — The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties. El sistema de audio en Sun Java Runtime Environment (JRE) en JDK y JRE v6 anterior Update v15, y JDK y JRE v5.0 anterior Update v20, no previene el acceso a las prop... • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 6%CPEs: 61EXPL: 0CVE-2009-2671 – OpenJDK Proxy mechanism information leaks (6801071)
https://notcve.org/view.php?id=CVE-2009-2671
05 Aug 2009 — The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors. El SOCKS proxy implementado en Java Runtime Environment (JRE) en JDK y JRE v6 anterior Update v15, y JDK y JRE v5.0 anterior Update v20, permite a atacantes remotos descubrir la cuenta de usuario que invoca un ... • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20 •