CVSS: 10.0EPSS: 2%CPEs: 8EXPL: 0CVE-2015-4731 – OpenJDK: improper permission checks in MBeanServerInvocationHandler (JMX, 8076397)
https://notcve.org/view.php?id=CVE-2015-4731
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80, y 8u45; Java SE Embedded 7u75; y Java SE Embedded 8u33, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores relacionados con JMX. • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html http://rhn.redhat.com/errata/RHSA-2015-1228.html http://rhn.redhat.com/errata/RHSA-2015-1229.html http://rhn.redhat.com/errata/RHSA-2015-1230.html http://rhn.redhat.com/errata/RHSA-2015-12 •
CVSS: 10.0EPSS: 2%CPEs: 6EXPL: 0CVE-2015-4760 – ICU: missing boundary checks in layout engine (OpenJDK 2D, 8071715)
https://notcve.org/view.php?id=CVE-2015-4760
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80 y 8u45, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con 2D. • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html http://rhn.redhat.com/errata/RHSA-2015-1228.html http://rhn.redhat.com/errata/RHSA-2015-1229.html http://rhn.redhat.com/errata/RHSA-2015-1230.html http://rhn.redhat.com/errata/RHSA-2015-12 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 2%CPEs: 11EXPL: 0CVE-2015-4748 – OpenJDK: incorrect OCSP nextUpdate checking (Libraries, 8075374)
https://notcve.org/view.php?id=CVE-2015-4748
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80 y 8u45; JRockit R28.3.6; y Java SE Embedded 7u75 y Embedded 8u33, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Security. A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol (OCSP) responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X.509 certificate to be interpreted as valid. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html http://rhn.redhat.com/errata/RHSA-2015-1228.html http://rhn.redhat.com/errata/RHSA-2015-1229.html http://rhn.redhat.com/errata/R • CWE-299: Improper Check for Certificate Revocation •
CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0CVE-2015-2619 – JDK: unspecified vulnerability fixed in 7u85 and 8u51 (2D)
https://notcve.org/view.php?id=CVE-2015-2619
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D. Vulnerabilidad no especificada en Oracle Java SE 7u80 y 8u45, JavaFX 2.2.80, y Java SE Embedded 7u75 y 8u33, permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con 2D. • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html http://rhn.redhat.com/errata/RHSA-2015-1241.html http://rhn.redhat.com/errata/RHSA-2015-1242.html http://rhn.redhat.com/errata/RHSA-2015-1485.html http://rhn.redhat.com/errata/RHSA-2015-14 •
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2664 – JDK: unspecified vulnerability fixed in 6u101, 7u85 and 8u51 (Deployment)
https://notcve.org/view.php?id=CVE-2015-2664
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80 y 8u45, permite a usuarios locales afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Deployment. • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html http://rhn.redhat.com/errata/RHSA-2015-1241.html http://rhn.redhat.com/errata/RHSA-2015-1242.html http://rhn.redhat.com/errata/RHSA-2015-1243.html http://rhn.redhat.com/errata/RHSA-2015-14 •