CVSS: 10.0EPSS: 1%CPEs: 8EXPL: 0CVE-2015-4881 – OpenJDK: missing type checks in IIOPInputStream (CORBA, 8076392)
https://notcve.org/view.php?id=CVE-2015-4881
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60 y Java SE Embedded 8u51, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con CORBA, una vulnerabilidad diferente a CVE-201... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4871 – OpenJDK: protected methods can be used as interface methods via DirectMethodHandle (Libraries)
https://notcve.org/view.php?id=CVE-2015-4871
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 7u85 permite a atacantes remotos afectar a la confidencialidad e integridad a través de vectores desconocidos relacionados con Libraries. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An out-of-bounds write flaw was found in t... • http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2015-4868 – OpenJDK: CRL checking flaw (Libraries, 8081744)
https://notcve.org/view.php?id=CVE-2015-4868
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded 8u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 8u60 y Java SE Embedded 8u51 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Libraries. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the Op... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html •
CVSS: 9.8EPSS: 5%CPEs: 64EXPL: 0CVE-2015-4902 – Oracle Java SE Integrity Check Vulnerability
https://notcve.org/view.php?id=CVE-2015-4902
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con Deployment. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 6%CPEs: 9EXPL: 0CVE-2015-4803 – OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)
https://notcve.org/view.php?id=CVE-2015-4803
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2015-4893 y CVE-20... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html • CWE-407: Inefficient Algorithmic Complexity •
CVSS: 10.0EPSS: 8%CPEs: 8EXPL: 0CVE-2015-4805 – OpenJDK: missing checks for proper initialization in ObjectStreamClass (Serialization, 8103671)
https://notcve.org/view.php?id=CVE-2015-4805
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60 y Java SE Embedded 8u51, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Serialization. The java-1.7.0-openjdk packages provide the Ope... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html • CWE-665: Improper Initialization •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2015-4806 – OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)
https://notcve.org/view.php?id=CVE-2015-4806
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60 y Java SE Embedded 8u51, permite a atacantes remotos afectar a la confidencialidad e integridad a través de vectores desconocidos relacionados con Libraries. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-4810 – JDK: unspecified vulnerability fixed in 7u91 and 8u65 (Deployment)
https://notcve.org/view.php?id=CVE-2015-4810
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 7u85 y 8u60 permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Deployment. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2015-4734 – OpenJDK: kerberos realm name leak (JGSS, 8048030)
https://notcve.org/view.php?id=CVE-2015-4734
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60 y Java SE Embedded 8u51, permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con JGSS. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws we... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2015-4736 – JDK: unspecified vulnerability fixed in 7u85 and 8u51 (Deployment)
https://notcve.org/view.php?id=CVE-2015-4736
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 7u80 y 8u45, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Deployment. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This u... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html •