CVSS: 5.0EPSS: 3%CPEs: 8EXPL: 0CVE-2012-1718 – OpenJDK: CRL and certificate extensions handling improvements (Security, 7143872)
https://notcve.org/view.php?id=CVE-2012-1718
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect availability via unknown vectors related to Security. Vulnerabilidad no especificada en el componente Java Runtime Enviroment (JRE) en Oracle Java SE v7 actualización 4 y anteriores, v6 actualización 32 y anteriores, v5 actualización 35 y anteriores, y v1.4.2_37 y anteriores que permite a atacantes remotos afectar la disponibilidad a través de vectores desconocidos relacionados con la seguridad. • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html http://marc.info/?l=bugtraq&m=134496371727681&w=2 http://rhn.redhat.com/errata/RHSA-2012-0734.html http://rhn.red •
CVSS: 5.0EPSS: 0%CPEs: 214EXPL: 0CVE-2012-1719 – OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851)
https://notcve.org/view.php?id=CVE-2012-1719
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA. Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 Update 4 y anteriores, 6 Update 32 y anteriores, 5 actualización 35 y anteriores, y v1.4.2_37 y anteriores permite a atacantes remotos afectar a la integridad, en relación con CORBA. • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html http://marc.info/?l=bugtraq&m=134496371727681&w=2 http://rhn.redhat.com/errata/RHSA-2012-0734.html http://rhn.red •
CVSS: 10.0EPSS: 96%CPEs: 8EXPL: 3CVE-2012-1723 – Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1723
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 Update 4 y anteriores, 6 Update 32 y anteriores, 5 actualización 35 y anteriores, y v1.4.2_37 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con la zona activa. Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to Hotspot. • https://www.exploit-db.com/exploits/19717 https://github.com/EthanNJC/CVE-2012-1723 http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html http://marc.info/?l=bugtraq&m=134496371727681&w=2 http://rhn.redhat.com/errata/RHSA-2012-0734.html http://secunia.com/advisories/51080 http://security.gentoo.org/glsa/glsa-201406-32.xml http://www.ibm.com/support/docview.wss?uid=swg21615246 http://www.mandriva.com/security/advisories?name=MDVSA-2012:095 http:& •
CVSS: 5.0EPSS: 1%CPEs: 72EXPL: 0CVE-2012-1724 – OpenJDK: XML parsing infinite loop (JAXP, 7157609)
https://notcve.org/view.php?id=CVE-2012-1724
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect availability, related to JAXP. Vulnerabilidad no especificada en el componente Java Runtime Enviroment (JRE) en Oracle Java SE v7 actualización 4 y anteriores, y v6 actualización 32 y anteriores, permite a atacantes remotos afectar la disponibilidad, relacionado con JAXP. • http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html http://marc.info/?l=bugtraq&m=134496371727681&w=2 http://rhn.redhat.com/errata/RHSA-2012-0734.html http://security.gentoo.org/glsa/glsa-201406-32.xml http://www.mandriva.com/security/advisories?name=MDVSA-2012:095 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html http://www.oracle.com/technetwork/topics/security/javacpujun • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.8EPSS: 88%CPEs: 72EXPL: 1CVE-2012-0551 – Oracle GlassFish Server 3.1.1 (build 12) - Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-0551
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Container or Deployment. Vulnerabilidad no especificada en el componente GlassFish Enterprise Server en Oracle Sun Products Suite GlassFish Enterprise Server v3.1.1 permite a atacantes remotos afectar la confidencialidad y la integridad a través de vectores desconocidos relacionados con Web Container. Security-Assessment.com has discovered that components of the Oracle GlassFish Server administrative web interface are vulnerable to both reflected and stored cross site scripting attacks. All pages where cross site scripting vulnerabilities were discovered require authentication. Oracle GlassFish Server version 3.1.1 build 12 is affected. • https://www.exploit-db.com/exploits/18764 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html http://marc.info/?l=bugtraq&m=134496371727681&w=2 http://rhn.redhat.com/errata/RHSA-2012-0734.html http://rhn.redhat.com/errata/RHSA-2013-1455.html http://rhn.redhat.com/errata/RHSA-2013-1456.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com&#x •