CVSS: 10.0EPSS: 1%CPEs: 150EXPL: 0CVE-2012-3143 – JDK: unspecified vulnerability (JMX)
https://notcve.org/view.php?id=CVE-2012-3143
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-5089. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 7 y versiones anteriores, 6 Update 35 y versiones anteriores, 5.0 Update 36 y versiones anteriores, permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad, relacionados con JMX, una vulnerabilidad diferente a CVE-2012-5089. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html http://marc.info/?l=bugtraq&m=135542848327757&w=2 http://marc.info/?l=bugtraq&m=135758563611658&w=2 http://rhn.redhat.com/errata/RHSA-2012-1391.html http://rhn.redhat.com/errata/RHSA-2012-1392.html http://rhn.redhat.com/errata/RHSA-2012-1465.html http:&# •
CVSS: 5.8EPSS: 0%CPEs: 150EXPL: 0CVE-2012-5069 – OpenJDK: Executors state handling issues (Concurrency, 7189103)
https://notcve.org/view.php?id=CVE-2012-5069
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency. Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update 7 y versiones anteriores, v6 Update 35 y anteriores, v5.0 Update 36 y anteriores permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con la Concurrencia. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html http://marc.info/?l=bugtraq&m=135542848327757&w=2 http://marc.info/?l=bugtraq&m=135758563611658&w=2 http://rhn.redhat.com/errata/RHSA-2012-1385.html http://rhn.redhat.com/errata/RHSA-201 •
CVSS: 10.0EPSS: 1%CPEs: 82EXPL: 0CVE-2012-5086 – OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917)
https://notcve.org/view.php?id=CVE-2012-5086
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 7 y anteriores, y v6 Update 35 y anteriores, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con los Beans. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html http://marc.info/?l=bugtraq&m=135542848327757&w=2 http://marc.info/?l=bugtraq&m=135758563611658&w=2 http://rhn.redhat.com/errata/RHSA-2012-1385.html http://rhn.redhat.com/errata/RHSA-2012-1386.html http://rhn.redhat.com/errata/RHSA-2012-1391.html http://rhn.redhat.com/errata/RHSA-2012-1392.html http://rhn.redhat.com&#x •
CVSS: 0EPSS: 1%CPEs: 79EXPL: 1CVE-2012-0547 – Java 7 Applet - Remote Code Execution
https://notcve.org/view.php?id=CVE-2012-0547
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited." NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "toolkit internals references." Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update v6 y anteriores, y 6 Update v34 no tiene impacto y no tiene impacto y vectores de ataque a distancia que implican AWT y "un security-in-depth que no es directamente explotable, pero que se puede utilizar para agravar las vulnerabilidades de seguridad que pueden ser explotadas directamente". NOTA: este identificador fue asignado por el CNA Oracle, pero CVE no se destina a cubrir los problemas (defense-in-depth) que se exponen sólo por la presencia de otras vulnerabilidades. • https://www.exploit-db.com/exploits/20865 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html http://marc.info/?l=bugtraq&m=135161897205627&w=2 http://rhn.redhat.com/errata/RHSA-2012-1222.html http://rhn.redhat.com/errata/RHSA-2012-1225.html http://rhn.redhat.com/errata/RHSA-2012-1392.html http://rhn.r •
CVSS: 4.3EPSS: 0%CPEs: 31EXPL: 0CVE-2012-4291 – wireshark: DoS via excessive system resource consumption in CIP dissector (wnpa-sec-2012-20)
https://notcve.org/view.php?id=CVE-2012-4291
The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. El disector CIP en Wireshark v1.4.x antes de v1.4.15, v1.6.x antes de v1.6.10 y v1.8.x antes de v1.8.2 permite a atacantes remotos causar una denegación de servicio (por excesivo consumo de memoria) a través de un paquete con formato erróneo. • http://lists.opensuse.org/opensuse-updates/2012-08/msg00033.html http://rhn.redhat.com/errata/RHSA-2013-0125.html http://secunia.com/advisories/50276 http://secunia.com/advisories/51363 http://secunia.com/advisories/54425 http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml http://www.securityfocus.com/bid/55035 http://www.wireshark.org/security/wnpa-sec-2012-20.html https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3 https://bugs.wireshark.or • CWE-399: Resource Management Errors •