CVSS: 10.0EPSS: 2%CPEs: 173EXPL: 0CVE-2011-0862 – Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0862
08 Jun 2011 — Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Múltiples vulnerabilidades no especificadas en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 25 y anteriores, v5.0 Update 29 y anteriores, y v1.4.2_31 y anteriores permite aplicaciones Java Web... • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 9%CPEs: 161EXPL: 2CVE-2010-4476 – Oracle Java - Floating-Point Value Denial of Service
https://notcve.org/view.php?id=CVE-2010-4476
17 Feb 2011 — The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308. El método Double.parseDouble en Jav... • https://www.exploit-db.com/exploits/35304 •
CVSS: 9.8EPSS: 3%CPEs: 45EXPL: 0CVE-2010-4470 – OpenJDK JAXP untrusted component state manipulation (6927050)
https://notcve.org/view.php?id=CVE-2010-4470
17 Feb 2011 — Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to "Features set on SchemaFactory not inherited by Validator." Vulnerabilidad no especificada en Java Runtime Envi... • http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html •
CVSS: 10.0EPSS: 2%CPEs: 161EXPL: 0CVE-2010-4473 – JDK unspecified vulnerability in Sound component
https://notcve.org/view.php?id=CVE-2010-4473
17 Feb 2011 — Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4454 and CVE-2010-4462. Vulnerabilidad no especificada en el Java Runtime Environment (JRE) en Oracle Java SE y Java for Business 6 Update 23 y versiones... • http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html •
CVSS: 9.8EPSS: 1%CPEs: 45EXPL: 0CVE-2010-4422 – JDK unspecified vulnerability in Deployment component
https://notcve.org/view.php?id=CVE-2010-4422
17 Feb 2011 — Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Java Runtime Environment (JRE) en Oracle Java SE y Java for Business v6 Update v23 y anteriores permite a atacantes remotos vulnerar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados... • http://marc.info/?l=bugtraq&m=134254866602253&w=2 •
CVSS: 9.8EPSS: 2%CPEs: 45EXPL: 0CVE-2010-4472 – OpenJDK untrusted code allowed to replace DSIG/C14N implementation (6994263)
https://notcve.org/view.php?id=CVE-2010-4472
17 Feb 2011 — Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations." Vulnerabilidad no especificada en Java Runtim... • http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html •
CVSS: 6.2EPSS: 0%CPEs: 45EXPL: 0CVE-2010-4474
https://notcve.org/view.php?id=CVE-2010-4474
17 Feb 2011 — Unspecified vulnerability in the Java DB component in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows local users to affect confidentiality via unknown vectors related to Security, a similar vulnerability to CVE-2009-4269. Vulnerabilidad no especificada en el componente de Java DB en Oracle Java SE y Java for Business v6 Update 23 y anteriores permite a usuarios locales afectar la confidencialidad a través de vectores desconocidos relacionados con la seguridad, una vulnerabilidad s... • http://marc.info/?l=bugtraq&m=134254866602253&w=2 •
CVSS: 9.8EPSS: 1%CPEs: 45EXPL: 0CVE-2010-4451 – JDK unspecified vulnerability in Install component
https://notcve.org/view.php?id=CVE-2010-4451
17 Feb 2011 — Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, when using Java Update, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. Vulnerabilidad no especificada en Java Runtime Environment (JRE) en Oracle Java SE y Java for Business v6 Update v23 y anteriores para Windows, cuando se usa Java Update, permite a atacantes remotos vulnerar la confidencialidad,... • http://marc.info/?l=bugtraq&m=134254866602253&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 101EXPL: 0CVE-2010-4471 – OpenJDK Java2D font-related system property leak (6985453)
https://notcve.org/view.php?id=CVE-2010-4471
17 Feb 2011 — Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors relat... • http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html •
CVSS: 9.1EPSS: 0%CPEs: 161EXPL: 0CVE-2010-4448 – OpenJDK DNS cache poisoning by untrusted applets (6981922)
https://notcve.org/view.php?id=CVE-2010-4448
17 Feb 2011 — Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves "DNS cache poisoning by untrusted ap... • http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html •