Page 47 of 359 results (0.020 seconds)

CVSS: 2.6EPSS: 2%CPEs: 45EXPL: 0

CVE-2010-4472 – OpenJDK untrusted code allowed to replace DSIG/C14N implementation (6994263)

https://notcve.org/view.php?id=CVE-2010-4472

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations." Vulnerabilidad no especificada en Java Runtime Environment (JRE) en Oracle Java SE y Java for Business 6 Update 23 y versiones anteriores permite a atacantes remotos afectar la disponibilidad, relacionado con XML Digital Signature y APIs no especificadas. NOTA: la información previa fue obtenida de febrero 2011 CPU. • http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://secunia.com/advisories/43350 http://security.gentoo.org/glsa/glsa-201406-32.xml http://www.debian.org/security/2011/dsa-2224 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index& •

CVSS: 2.1EPSS: 0%CPEs: 45EXPL: 0

CVE-2010-4474

https://notcve.org/view.php?id=CVE-2010-4474

Unspecified vulnerability in the Java DB component in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows local users to affect confidentiality via unknown vectors related to Security, a similar vulnerability to CVE-2009-4269. Vulnerabilidad no especificada en el componente de Java DB en Oracle Java SE y Java for Business v6 Update 23 y anteriores permite a usuarios locales afectar la confidencialidad a través de vectores desconocidos relacionados con la seguridad, una vulnerabilidad similar a CVE-2009-4269. • http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html http://www.securityfocus.com/bid/46407 https://exchange.xforce.ibmcloud.com/vulnerabilities/65412 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14534 •

CVSS: 3.7EPSS: 0%CPEs: 161EXPL: 0

CVE-2010-4450 – OpenJDK Launcher incorrect processing of empty library path entries (6983554)

https://notcve.org/view.php?id=CVE-2010-4450

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable. Vulnerabilidad no especificada en Java Runtime Environment (JRE) en Oracle Java SE y Java for Business 6 Update 23 y versiones anteriores para Solaris y Linux; y 1.4.2_29 y versiones anteriores para Solaris y Linux permite a aplicaciones autónomas locales afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Launcher. NOTA: la información previa fue obtenida de febrero 2011 CPU. • http://dbhole.wordpress.com/2011/02/15/icedtea-web-1-0-1-released http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://secunia.com/advisories/43350 http://security.gentoo.org/glsa/glsa-201406-32.xml http://www.debian.org/security/2011/dsa-2224 http://www& •

CVSS: 7.6EPSS: 1%CPEs: 45EXPL: 0

CVE-2010-4451 – JDK unspecified vulnerability in Install component

https://notcve.org/view.php?id=CVE-2010-4451

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, when using Java Update, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. Vulnerabilidad no especificada en Java Runtime Environment (JRE) en Oracle Java SE y Java for Business v6 Update v23 y anteriores para Windows, cuando se usa Java Update, permite a atacantes remotos vulnerar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Install. • http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html http://www.redhat.com/support/errata/RHSA-2011-0282.html http://www.securityfocus.com/bid/46405 https://exchange.xforce.ibmcloud.com/vulnerabilities/65402 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13942 https://access.redhat.com/security/cve/CVE-2010-4451 https:// •

CVSS: 5.0EPSS: 0%CPEs: 101EXPL: 0

CVE-2010-4471 – OpenJDK Java2D font-related system property leak (6985453)

https://notcve.org/view.php?id=CVE-2010-4471

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors related to Font.createFont and exception text. Vulnerabilidad no especificada en Java Runtime Environment (JRE) en Oracle Java SE y Java for Business 6 Update 23 y versiones anteriores, 5.0 Update 27 y versiones anteriores permite a aplicaciones remotas Java Web Start no confiables y subprogramas Java no confiables afectar a la confidencialidad a través de vectores desconocidos relacionados con 2D. NOTA: la información previa fue obtenida de febrero 2011 CPU. • http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://secunia.com/advisories/43350 http://secunia.com/advisories/44954 http://security.gentoo.org/glsa/glsa-201406-32.xml http://www.debian.org/security/2011/dsa-2224 http://www.hitachi.co.jp/Prod/comp/soft1/gl •