CVSS: 8.1EPSS: 0%CPEs: 241EXPL: 0CVE-2013-0443 – OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392)
https://notcve.org/view.php?id=CVE-2013-0443
02 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote att... • http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS •
CVSS: 10.0EPSS: 1%CPEs: 241EXPL: 0CVE-2013-1475 – OpenJDK: IIOP type reuse sandbox bypass (CORBA, 8000540, SE-2012-01 Issue 50)
https://notcve.org/view.php?id=CVE-2013-1475
02 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.ja... • http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS •
CVSS: 10.0EPSS: 0%CPEs: 241EXPL: 0CVE-2013-1476 – OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631)
https://notcve.org/view.php?id=CVE-2013-1476
02 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue al... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907457 •
CVSS: 10.0EPSS: 1%CPEs: 241EXPL: 0CVE-2013-1478 – OpenJDK: image parser insufficient raster parameter checks (2D, 8001972)
https://notcve.org/view.php?id=CVE-2013-1478
02 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" ... • http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS •
CVSS: 10.0EPSS: 1%CPEs: 241EXPL: 0CVE-2013-1480 – Oracle Java AWT Image Transform Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-1480
02 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_... • http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS •
CVSS: 7.5EPSS: 2%CPEs: 224EXPL: 0CVE-2012-5073 – OpenJDK: LogManager security bypass (Libraries, 7169884)
https://notcve.org/view.php?id=CVE-2012-5073
16 Oct 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5079. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 7 y versiones anteriores, 6 Update 35 y versiones anteriores, 5.0 Update 36 y ver... • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html •
CVSS: 7.5EPSS: 2%CPEs: 224EXPL: 0CVE-2012-5077 – OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656)
https://notcve.org/view.php?id=CVE-2012-5077
16 Oct 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security. Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE Update v7 a 7 y versiones anteriores, v6 Update 35 y anteriores, v5.0 Update 36 y anteriores y v1.4.2_38 y anteriores permite a... • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html •
CVSS: 9.1EPSS: 2%CPEs: 224EXPL: 0CVE-2012-5079 – OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)
https://notcve.org/view.php?id=CVE-2012-5079
16 Oct 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5073. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 7 y versiones anteriores, 6 Update 35 y versiones anteriores, 5.0 Update 36 y ver... • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html •
CVSS: 10.0EPSS: 12%CPEs: 234EXPL: 0CVE-2012-1531 – JDK: unspecified vulnerability (2D)
https://notcve.org/view.php?id=CVE-2012-1531
16 Oct 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update 7 y versiones anteriores, v6 Update 35 y anteriores, v5.0 Update ... • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html •
CVSS: 10.0EPSS: 20%CPEs: 234EXPL: 0CVE-2012-5083 – JDK: unspecified vulnerability (2D)
https://notcve.org/view.php?id=CVE-2012-5083
16 Oct 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update 7 y versiones anteriores, v6 Update 35 y anteriores, v5.0 Update 36 y ... • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html •