CVSS: 10.0EPSS: 1%CPEs: 10EXPL: 0CVE-2015-2628 – OpenJDK: IIOPInputStream type confusion vulnerability (CORBA, 8076376)
https://notcve.org/view.php?id=CVE-2015-2628
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80, y 8u45, y Java SE Embedded 7u75 y 8u33, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores relacionados con CORBA. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Envi... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 2%CPEs: 6EXPL: 0CVE-2015-4760 – ICU: missing boundary checks in layout engine (OpenJDK 2D, 8071715)
https://notcve.org/view.php?id=CVE-2015-4760
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80 y 8u45, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con 2D. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Ki... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2632 – ICU: integer overflow in LETableReference verifyLength() (OpenJDK 2D, 8077520)
https://notcve.org/view.php?id=CVE-2015-2632
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80 y 8u45, permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con 2D. An information leak flaw was found in the 2D component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. The java-1.... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 2%CPEs: 10EXPL: 0CVE-2015-4732 – OpenJDK: insufficient context checks during object deserialization (Libraries, 8076405)
https://notcve.org/view.php?id=CVE-2015-4732
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80 y 8u45, y Java SE Embedded 7u75 y 8u33, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con librería... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html • CWE-567: Unsynchronized Access to Shared Data in a Multithreaded Context •
CVSS: 6.8EPSS: 0%CPEs: 11EXPL: 0CVE-2015-2625 – OpenJDK: name for reverse DNS lookup used in certificate identity check (JSSE, 8067694)
https://notcve.org/view.php?id=CVE-2015-2625
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80, y 8u45; JRockit R28.3.6; y Java SE Embedded 7u75 y 8u33, permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con JSSE. A flaw was found in the way the JSSE component in OpenJDK performed X.509 certificate identity ve... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2015-2621 – OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853)
https://notcve.org/view.php?id=CVE-2015-2621
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80, y 8u45, y Java SE Embedded 7u75 y 8u33, permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con JMX. An information leak flaw was found in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to b... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html •
CVSS: 7.6EPSS: 2%CPEs: 11EXPL: 0CVE-2015-4748 – OpenJDK: incorrect OCSP nextUpdate checking (Libraries, 8075374)
https://notcve.org/view.php?id=CVE-2015-4748
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80 y 8u45; JRockit R28.3.6; y Java SE Embedded 7u75 y Embedded 8u33, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Sec... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727 • CWE-299: Improper Check for Certificate Revocation •
CVSS: 10.0EPSS: 2%CPEs: 8EXPL: 0CVE-2015-4731 – OpenJDK: improper permission checks in MBeanServerInvocationHandler (JMX, 8076397)
https://notcve.org/view.php?id=CVE-2015-4731
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80, y 8u45; Java SE Embedded 7u75; y Java SE Embedded 8u33, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores relacionados con JMX. The java-1.7.0-openjdk packages provide the O... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html •
CVSS: 6.8EPSS: 4%CPEs: 11EXPL: 0CVE-2015-4749 – OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)
https://notcve.org/view.php?id=CVE-2015-4749
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80 y 8u45; JRockit R28.3.6; y Java SE Embedded 7u75 y 8u33, permite a atacantes remotos afectar la disponibilidad a través de vectores relacionados con JNDI. It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.8EPSS: 1%CPEs: 4EXPL: 0CVE-2015-2659 – OpenJDK: GCM cipher issue causing JVM crash (Security, 8067648)
https://notcve.org/view.php?id=CVE-2015-2659
16 Jul 2015 — Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers to affect availability via unknown vectors related to Security. Vulnerabilidad no especificada en Oracle Java SE 8u45 y Java SE Embedded 8u33, permite a atacantes remotos afectar la disponibilidad a través de vectores desconocidos relacionados con Security. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discove... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727 • CWE-476: NULL Pointer Dereference •