Page 48 of 674 results (0.014 seconds)

CVSS: 5.0EPSS: 7%CPEs: 9EXPL: 0

CVE-2015-4911 – OpenJDK: incomplete supportDTD enforcement (JAXP, 8130078)

https://notcve.org/view.php?id=CVE-2015-4911

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2015-4803 y CVE-2015-4893. • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2015-12 •

CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0

CVE-2015-4734 – OpenJDK: kerberos realm name leak (JGSS, 8048030)

https://notcve.org/view.php?id=CVE-2015-4734

Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60 y Java SE Embedded 8u51, permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con JGSS. • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2015-12 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 6%CPEs: 9EXPL: 0

CVE-2015-4803 – OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)

https://notcve.org/view.php?id=CVE-2015-4803

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2015-4893 y CVE-2015-4911. • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2015-12 • CWE-407: Inefficient Algorithmic Complexity •

CVSS: 10.0EPSS: 8%CPEs: 8EXPL: 0

CVE-2015-4805 – OpenJDK: missing checks for proper initialization in ObjectStreamClass (Serialization, 8103671)

https://notcve.org/view.php?id=CVE-2015-4805

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60 y Java SE Embedded 8u51, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Serialization. • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2015-12 • CWE-665: Improper Initialization •

CVSS: 6.4EPSS: 0%CPEs: 8EXPL: 0

CVE-2015-4806 – OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)

https://notcve.org/view.php?id=CVE-2015-4806

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60 y Java SE Embedded 8u51, permite a atacantes remotos afectar a la confidencialidad e integridad a través de vectores desconocidos relacionados con Libraries. • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2015-12 • CWE-20: Improper Input Validation •