Page 67 of 648 results (0.016 seconds)

CVSS: 10.0EPSS: 5%CPEs: 22EXPL: 0

CVE-2014-2421 – Oracle Java JPEG Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2014-2421

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Vulnerabilidad no especificada en Oracle Java SE 5.0u61, 6u71, 7u51, y 8; JavaFX 2.2.51; y Java SE Embedded 7u51 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con 2D. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG images. The issue lies in the ability to control the count parameter to a call to memmove. • http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://marc.info/?l=bugtraq&m=140852974709252&w=2 http://rhn.redhat.com/errata/RHSA-2014-0675.html http://rhn.redhat.com/errata/RHSA-2014-0685.html http://secunia.com/advisories/58415 http://secunia.com/advisories/59058 http://security.gentoo.org/glsa/glsa-201406-32.xml http://security.gentoo.org/glsa/glsa-201502-12.xml http://www-01.ibm.com/support/docview.wss?uid=swg21672080 http://www-01.ibm.com/support •

CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0

CVE-2014-2422 – JDK: unspecified vulnerability fixed in 7u55 and 8u5 (JavaFX)

https://notcve.org/view.php?id=CVE-2014-2422

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and JavaFX 2.2.51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en Oracle Java SE 7u51 y 8, y JavaFX 2.2.51, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://security.gentoo.org/glsa/glsa-201502-12.xml http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.securityfocus.com/bid/66912 https://access.redhat.com/errata/RHSA-2014:0413 https://access.redhat.com/security/cve/CVE-2014-2422 https://bugzilla.redhat.com/show_bug.cgi?id=1088026 •

CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0

CVE-2014-2423 – OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)

https://notcve.org/view.php?id=CVE-2014-2423

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458. Vulnerabilidad no especificada en Oracle Java SE 6u71, 7u51, y 8, y Java SE Embedded 7u51, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores relacionados con JAX-WS, una vulnerabilidad diferente a CVE-2014-0452 y CVE-2014-0458. • http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://marc.info/?l=bugtraq&m=140852974709252&w=2 http://rhn.redhat.com/errata/RHSA-2014-0675.html http://rhn.redhat.com/errata/RHSA-2014-0685.html http://secunia.com/advisories/58415 http://security.gentoo.org/glsa/glsa-201406-32.xml http://security.gentoo.org/glsa/glsa-201502-12.xml http://www-01.ibm.com/support/docview.wss?uid=swg21672080 http://www.debian.org/security/2014/dsa-2912 http://www.oracle •

CVSS: 5.8EPSS: 0%CPEs: 19EXPL: 0

CVE-2014-0460 – OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)

https://notcve.org/view.php?id=CVE-2014-0460

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI. Vulnerabilidad no especificada en Oracle Java SE 5.0u61, 6u71, 7u51, y 8; JRockit R27.8.1 y R28.3.1; y Java SE Embedded 7u51 permite a atacantes remotos afectar a la confidencialidad e integridad mediante vectores relacionados con JNDI. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://marc.info/?l=bugtraq&m=140852974709252&w=2 http://rhn.redhat.com/errata/RHSA-2014-0675.html http://rhn.redhat.com/errata/RHSA-2014-0685.html http://secunia.com/advisories/58415 http://secunia.com/advisories/59022 http://secunia.com/advisories/59023 http://secunia.com/advisories/59058 http://secunia.com/advisories/59071 http://secunia.com/adviso •

CVSS: 9.3EPSS: 1%CPEs: 12EXPL: 0

CVE-2014-2397 – OpenJDK: classfile parser invalid BootstrapMethods attribute length (Hotspot, 8034926)

https://notcve.org/view.php?id=CVE-2014-2397

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 7u51 y 8, y Java SE Embedded 7u51, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Hotspot. • http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://rhn.redhat.com/errata/RHSA-2014-0675.html http://rhn.redhat.com/errata/RHSA-2014-0685.html http://secunia.com/advisories/58415 http://security.gentoo.org/glsa/glsa-201406-32.xml http://security.gentoo.org/glsa/glsa-201502-12.xml http://www.debian.org/security/2014/dsa-2912 http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.securityfocus.com/bid/66893 http://www.ubuntu.com&#x •