CVSS: 7.5EPSS: 1%CPEs: 31EXPL: 0CVE-2015-3044 – flash-plugin: security bypass leading to information disclosure (APSB15-06)
https://notcve.org/view.php?id=CVE-2015-3044
14 Apr 2015 — Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169 en Windows y OS X y anterior a 11.2.202.457 en Linux permite a atacantes evadir restricciones de acceso y obtener información sensible a través de vectores no especificados. The flash-plu... • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 6%CPEs: 31EXPL: 0CVE-2015-0346 – flash-plugin: multiple code execution issues fixed in APSB15-06
https://notcve.org/view.php?id=CVE-2015-0346
14 Apr 2015 — Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0359. Vulnerabilidad de liberación doble en Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169 en Windows y OS X y anterior a 11.2.202.457 en Linux permite a atacantes ejecutar código arbitrario a través de vectores... • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 2CVE-2014-8121 – glibc: Unexpected closing of nss_files databases after lookups causes denial of service
https://notcve.org/view.php?id=CVE-2014-8121
05 Mar 2015 — DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset. DB_LOOKUP en nss_files/files-XXX.c en Name Service Switch (NSS) en GNU C Library (también conocida como glibc o libc6) 2.21 y versiones anteriores no comprueba cor... • http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html • CWE-17: DEPRECATED: Code CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2015-0421 – JDK: unspecified vulnerability fixed in 8u31 (Install)
https://notcve.org/view.php?id=CVE-2015-0421
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process. Vulnerabilidad no especificada en Oracle Java SE 8u25 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con el proceso de instalación. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html •
CVSS: 9.8EPSS: 2%CPEs: 3EXPL: 0CVE-2015-0437 – OpenJDK: code generation issue (Hotspot, 8064524)
https://notcve.org/view.php?id=CVE-2015-0437
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 8u25 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con Hotspot. A flaw was found in the way the Hotspot component in OpenJDK in the way this component generated code for bytecode. An untrusted Java appli... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-0403 – JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment)
https://notcve.org/view.php?id=CVE-2015-0403
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u85, 7u72, y 8u25 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con Deployment. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of ... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 •
CVSS: 9.1EPSS: 4%CPEs: 7EXPL: 0CVE-2015-0406 – JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment)
https://notcve.org/view.php?id=CVE-2015-0406
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad y la disponibilidad a través de vectores desconocidos relacionados con Deployment. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Satellite 5.7... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 •
CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 0CVE-2015-0383 – OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807)
https://notcve.org/view.php?id=CVE-2015-0383
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25; Java SE Embedded 7u71 y 8u6; y JRockit R27.8.4 y R28.3.4 permite a usuarios locales afectar la integridad y la disponibilidad a través de vectores desconocidos relacionados con Hotspot. Multiple insecur... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 • CWE-377: Insecure Temporary File •
CVSS: 10.0EPSS: 13%CPEs: 18EXPL: 0CVE-2014-6601 – OpenJDK: class verifier insufficient invokespecial calls verification (Hotspot, 8058982)
https://notcve.org/view.php?id=CVE-2014-6601
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad, integridad, y disponibilidad a través de vectores desconocidos relacionados con Hotspot. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted ... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 •
CVSS: 10.0EPSS: 8%CPEs: 20EXPL: 0CVE-2015-0408 – OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
https://notcve.org/view.php?id=CVE-2015-0408
21 Jan 2015 — Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. Vulnerabilidad no especificada en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con RMI. An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet... • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 •