CVSS: 9.3EPSS: 2%CPEs: 8EXPL: 0CVE-2014-4216 – OpenJDK: Incorrect generic signature attribute parsing (Hotspot, 8037076)
https://notcve.org/view.php?id=CVE-2014-4216
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 5.0u65, 6u75, 7u60 y 8u5 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Hotspot. • http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://marc.info/?l=bugtraq&m=140852974709252&w=2 http://seclists.org/fulldisclosure/2014/Dec/23 http://secunia.com/advisories/60129 http://secunia.com/advisories/60245 http://secunia.com/advisories/60485 http://secunia.com/advisories/60812 http://security.gentoo.org/glsa/glsa-201502-12.xml http://www.debian.org/security/2014/dsa-2980 http://www.debian.org/security/2014/dsa-2987 http://www.oracle.com/technetwo •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2014-4221 – OpenJDK: MethodHandles.Lookup insufficient modifiers checks (Libraries, 8035788)
https://notcve.org/view.php?id=CVE-2014-4221
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 7u60 y 8u5 permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con Libraries. • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://seclists.org/fulldisclosure/2014/Dec/23 http://secunia.com/advisories/59680 http://secunia.com/advisories/59924 http://secunia.com/advisories/59987 http://secunia.com/advisories/60081 http://secunia.com/advisories/60317 http://secunia.com/advisories/60485 http://secunia.com/advisories/60622 http://secunia.com/advisories/60812 http://secunia.c •
CVSS: 9.3EPSS: 49%CPEs: 8EXPL: 0CVE-2014-4262 – OpenJDK: AtomicReferenceFieldUpdater missing primitive type check (Libraries, 8039520)
https://notcve.org/view.php?id=CVE-2014-4262
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 5.0u65, 6u75, 7u60, y 8u5 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con las librerías • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://marc.info/?l=bugtraq&m=140852974709252&w=2 http://rhn.redhat.com/errata/RHSA-2015-0264.html http://seclists.org/fulldisclosure/2014/Dec/23 http://secunia.com/advisories/59404 http://secunia.com/adviso •
CVSS: 6.4EPSS: 1%CPEs: 8EXPL: 0CVE-2014-4209 – OpenJDK: SubjectDelegator protection insufficient (JMX, 8029755)
https://notcve.org/view.php?id=CVE-2014-4209
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX. Vulnerabilidad no especificada en Oracle Java SE 5.0u65, 6u75, 7u60 y 8u5 permite a atacantes remotos afecatr la confidencialidad e integridad a través de vectores relacionados con JMX. • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://marc.info/?l=bugtraq&m=140852974709252&w=2 http://rhn.redhat.com/errata/RHSA-2015-0264.html http://seclists.org/fulldisclosure/2014/Dec/23 http://secunia.com/advisories/59404 http://secunia.com/adviso •
CVSS: 4.0EPSS: 0%CPEs: 10EXPL: 0CVE-2014-4263 – OpenJDK: insufficient Diffie-Hellman public key validation (Security, 8037162)
https://notcve.org/view.php?id=CVE-2014-4263
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement." Vulnerabilidad no especificada en Oracle Java SE 5.0u65, 6u75, 7u60, y 8u5, y JRockit R27.8.2 y R28.3.2, permite a atacantes remotos afectar a la confidencialidad y la integridad a través de vectores desconocidos relacionados con el 'Acuerdo de Claves Diffie-Hellman' • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://marc.info/?l=bugtraq&m=140852974709252&w=2 http://rhn.redhat.com/errata/RHSA-2015-0264.html http://seclists.org/fulldisclosure/2014/Dec/23 http://secunia.com/advisories/58830 http://secunia.com/adviso •