CVSS: 10.0EPSS: 96%CPEs: 9EXPL: 2CVE-2012-5076 – Oracle Java SE Sandbox Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2012-5076
16 Oct 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS. Una vulnerabilidad no especificada en el Java Runtime Environment (JRE) en el componente Oracle Java SE v7 Update 7 y versiones anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad. Se trata de un problema relacionado con JAX-WS. Multiple vulnerabilities ... • https://www.exploit-db.com/exploits/24309 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 1%CPEs: 79EXPL: 1CVE-2012-0547 – Java 7 Applet - Remote Code Execution
https://notcve.org/view.php?id=CVE-2012-0547
30 Aug 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited." NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of othe... • https://www.exploit-db.com/exploits/20865 •
CVSS: 10.0EPSS: 9%CPEs: 14EXPL: 0CVE-2012-1682 – Oracle Java java.beans.Statement Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1682
30 Aug 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00006.html •
CVSS: 10.0EPSS: 1%CPEs: 14EXPL: 0CVE-2012-3136 – OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)
https://notcve.org/view.php?id=CVE-2012-3136
30 Aug 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update v6 y anteriores, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores de... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html •
CVSS: 10.0EPSS: 94%CPEs: 85EXPL: 5CVE-2012-4681 – Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-4681
28 Aug 2012 — Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to a... • https://www.exploit-db.com/exploits/20865 • CWE-284: Improper Access Control •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2012-1726 – OpenJDK: java.lang.invoke.MethodHandles.Lookup does not honor access modes (Libraries, 7165628)
https://notcve.org/view.php?id=CVE-2012-1726
16 Jun 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 actualización 4 y anteriores permite a atacantes remotos afectar a la confidencialidad y la integridad a través de vectores desconocidos relacionados con las bibliotecas. Multiple vulnerabili... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html •
CVSS: 10.0EPSS: 1%CPEs: 139EXPL: 0CVE-2012-1716 – OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614)
https://notcve.org/view.php?id=CVE-2012-1716
16 Jun 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 Update 4 y anteriores, 6 Update 32 y anteriores, y 5 actualización 35 y anteriores permite a atacantes remotos afectar la conf... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html •
CVSS: 10.0EPSS: 21%CPEs: 9EXPL: 0CVE-2012-1713 – Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1713
16 Jun 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 Update 4 y anteriores, 6 Update 32 y anteriores, 5 actualización 35 y anteriores, v... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2012-1722 – JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)
https://notcve.org/view.php?id=CVE-2012-1722
16 Jun 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 actualización 4 y anteriores, y v6 actualización 32 y anteriores, que permite a atacantes remotos a... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html •
CVSS: 10.0EPSS: 9%CPEs: 4EXPL: 0CVE-2012-1721 – Oracle Java WebStart Changing System Properties Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1721
16 Jun 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722. Vulnerabilidad no especificada en el componente Java Runtime Enviroment (JRE) en Oracle Java SE v7 actualización 4 y anteriores, y v6 actualización 32 y anteriores, permite a atacantes remotos afecta... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html •