Page 52 of 939 results (0.007 seconds)

CVSS: 5.3EPSS: 1%CPEs: 12EXPL: 0

CVE-2016-3508 – OpenJDK: missing entity replacement limits (JAXP, 8149962)

https://notcve.org/view.php?id=CVE-2016-3508

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500. Vulnerabilidad no especificada en Oracle Java SE 6u115, 7u101 y 8u92; Java SE Embedded 8u91 y JRockit R28.3.10 permite a atacantes remotos afectar la disponibilidad a través de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2016-3500. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00028. • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-3511 – JDK: unspecified vulnerability fixed in 7u111 and 8u101 (Deployment)

https://notcve.org/view.php?id=CVE-2016-3511

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 7u101 y 8u92 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Deployment. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-09 •

CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0

CVE-2016-3550 – OpenJDK: integer overflows in bytecode streams (Hotspot, 8152479)

https://notcve.org/view.php?id=CVE-2016-3550

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot. Vulnerabilidad en Oracle Java SE 6u115, 7u101 y 8u92 y Java SE Embedded 8u91 permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con Hotspot. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00028. • CWE-190: Integer Overflow or Wraparound •

CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-3552 – JDK: unspecified vulnerability fixed in 8u101 (Install)

https://notcve.org/view.php?id=CVE-2016-3552

Unspecified vulnerability in Oracle Java SE 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install. Vulnerabilidad en Oracle Java SE 8u92 permite usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Install. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.securityfocus.com/bid/91787 http://www.securityfocus.com/bid/92000 http://www.securitytracker.com/id/1036365 https://access.redhat.com/errata/RHSA-2016:1475 https://security.gentoo.org/glsa/2016 •

CVSS: 9.6EPSS: 1%CPEs: 6EXPL: 0

CVE-2016-3587 – Oracle Java MethodHandle Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2016-3587

Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 8u92 y Java SE Embedded 8u91 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Hotspot. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the MethodHandle class. Due to unsafe handling of reflection of privileged classes inside the MethodHandle class, it is possible for untrusted code to gain access to privileged methods and properties. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91787 http://www.securityfocus.com/bid/91904 http://www.securitytracker.com/id/1036365 http://ww •