CVSS: 9.8EPSS: 4%CPEs: 22EXPL: 0CVE-2013-1485 – Oracle Java doPrivilegedWithCombiner Security Manager Bypass Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-1485
20 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. Vulnerabilidad no especificada en el Java Runtime Environment (JRE) en el componente Oracle Java SE 7 Update 13 y anteriores permite a atacantes remotos para afectar la integridad a través de vectores desconocidos relacionados con las bibliotecas. This vulnerability allows remote attackers to execute arbitrar... • http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released •
CVSS: 10.0EPSS: 1%CPEs: 170EXPL: 0CVE-2013-1486 – OpenJDK: MBeanServer insufficient privilege restrictions (JMX, 8006446)
https://notcve.org/view.php?id=CVE-2013-1486
20 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. Vulnerabilidad no especificada en el Java Runtime Environment (JRE) en el componente Oracle Java SE 7 Update 13 y anteriores, 6 Update 39 y anteriores, y v5.0 Update 39 y anteriores permite a atacantes remotos para afectar la confide... • http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released •
CVSS: 10.0EPSS: 1%CPEs: 98EXPL: 0CVE-2013-1487 – JDK: unspecified vulnerability fixed in 6u41 and 7u15 (Deployment)
https://notcve.org/view.php?id=CVE-2013-1487
20 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE 7 Update 13 y anteriores y 6 Update 39 y anteriores permite a atacantes remotos para afectar la confidencialidad, integridad y disponibilidad a través de vectore... • http://marc.info/?l=bugtraq&m=136439120408139&w=2 •
CVSS: 8.1EPSS: 2%CPEs: 241EXPL: 0CVE-2013-0434 – OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)
https://notcve.org/view.php?id=CVE-2013-0434
02 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProper... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907453 •
CVSS: 10.0EPSS: 7%CPEs: 241EXPL: 0CVE-2013-0442 – OpenJDK: insufficient privilege checking issue (AWT, 7192977)
https://notcve.org/view.php?id=CVE-2013-0442
02 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that byp... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=906899 •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2013-0449 – JDK: unspecified vulnerability fixed in 7u13 (Deployment)
https://notcve.org/view.php?id=CVE-2013-0449
02 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. Vulnerabilidad sin especificar en el Java Runtime Environment (JRE) de Oracle Java SE v7 hasta la Update v11 permite ataques remotos que afectan a la confidencialidad por vectores desconocidos relacionados con Deployment Potential security vulnerabilities have been identified with HP Service Manager and Se... • http://marc.info/?l=bugtraq&m=136439120408139&w=2 •
CVSS: 10.0EPSS: 2%CPEs: 94EXPL: 0CVE-2013-0446 – JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)
https://notcve.org/view.php?id=CVE-2013-0446
02 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. Vulnerabilidad no especificada en el componente Java Runtime Enviroment (JRE) en Oracle Java SE v7 hasta Update 11 y v6 hasta Update 38 permite a atacantes remotos afectar la inte... • http://marc.info/?l=bugtraq&m=136439120408139&w=2 •
CVSS: 8.1EPSS: 2%CPEs: 22EXPL: 0CVE-2013-0444 – OpenJDK: MethodFinder insufficient checks for cached results (Beans, 7200493)
https://notcve.org/view.php?id=CVE-2013-0444
02 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient checks for cached results" by the Java Beans MethodFinder, which might allow attackers to access methods t... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907218 •
CVSS: 10.0EPSS: 7%CPEs: 241EXPL: 0CVE-2013-0441 – OpenJDK: missing serialization restriction (CORBA, 7201066)
https://notcve.org/view.php?id=CVE-2013-0441
02 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-1476 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue al... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907458 •
CVSS: 10.0EPSS: 4%CPEs: 164EXPL: 0CVE-2013-0450 – OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537)
https://notcve.org/view.php?id=CVE-2013-0450
02 Feb 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper checks of "access control context" in the JMX RequiredModelMBean cl... • http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS •